Memory card

ABSTRACT

It is an object of the invention to improve the security of a storage apparatus. The invention has: a flash memory chip; an IC card chip which can execute a security process (encryption, decryption, etc.); and a controller chip for controlling read/write of data from/into the flash memory chip and the IC card chip in response to a request from a host.

TECHNICAL FIELD

The invention relates to a storage apparatus having a security function, a host apparatus in which the storage apparatus can be inserted, and the host apparatus in which the storage apparatus has been inserted and, more particularly, to a memory card having an electrically erasable non-volatile memory (for example, flash memory), a host apparatus in which the memory card can be inserted, and the host apparatus in which the memory card has been inserted.

BACKGROUND ART

An IC card is constructed by embedding an IC (Integrated Circuit) chip into a plastic card substrate and has the external terminals of the IC chip on its surface. As external terminals of the IC chip, there are a power terminal, a clock terminal, a data input/output terminal, and the like. A connecting apparatus directly supplies a power source and drive clocks to the IC chip through the external terminals, so that the IC chip operates. The IC card exchanges information with the connecting apparatus, such as a terminal, by transmitting and receiving electric signals to/from the connecting apparatus via the external terminals. As a result of the information exchange, the IC card transmits a calculation result and stored information or changes the stored information. The IC card can have a function for executing a security process such as protection of secret data, personal identification, or the like on the basis of those operation specifications. The IC card is used as a user device for personal identification in a system of credit settlement, banking, or the like which needs security of secret information.

The IC card which is used in the security system needs to be designed so that, when an arithmetic operation is executed by using the secret information, neither the secret information nor information from which the secret information can be inferred is leaked to the outside. That is, it is necessary that the IC card has tamper-resistance. As attacking methods for analyzing the secret information which must not be leaked to the outside, a timing analysis, an electric power difference analysis, a failure use analysis (fault analysis), and the like are known.

The timing analysis is an attacking method whereby, when the cryptographic processing time differs depending on the contents of the secret information, the time difference is statistically analyzed and the secret information is inferred. There is a case where, when a cryptographic algorithm is implemented, optimization such that unnecessary processes are skipped or a branching process is executed in dependence on the contents of the secret information is applied for the purpose of shortening the processing time or reducing the program size. If such optimization is applied, the cryptographic processing time differs depending on the contents of the secret information. Therefore, there is a possibility that the contents of the secret information can be inferred by measuring the processing time.

The electric power difference analysis is an attacking method whereby the electric power which is supplied from the power terminal of the IC card is measured during execution of a cryptographic process and the difference in electric power consumption is analyzed from the measured power, thereby inferring the secret information.

The failure use analysis is an attacking method using a calculation error of the IC card. A transient failure is caused, or a limited fault in a range where it does not affect other functions is given to the IC card, thereby making the IC card execute an abnormal process which the attacker desires. If an error is caused on purpose by applying a high voltage to the IC card or by momentarily fluctuating the clock frequency or the drive voltage, there is a possibility that the secret information is obtained by comparing the wrong calculation result thus obtained with a correct calculation result.

The IC card must have countermeasure means against those attacking methods in practical use.
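The leak that the timing analysis above exploits, shown in code. This is an added example and not part of the patent: two implementations of the same modular exponentiation, one with the "skip the unnecessary multiply" optimisation the text describes and one (a Montgomery ladder) that performs the same two operations for every key bit. An operation counter stands in for the attacker's stopwatch or power trace; the moduli, bases and exponents are constructed toy values.

```python
"""Operation counting of two modular exponentiations: an added example, not code from the
patent. The counter stands in for a stopwatch (timing analysis) or for the number of
distinguishable events in a power trace (electric power difference analysis)."""


class OpCounter:
    """Counts modular multiplications; the count is the observable an attacker measures."""

    def __init__(self, n):
        self.n = n
        self.mults = 0

    def mul(self, a, b):
        self.mults += 1
        return (a * b) % self.n


def modexp_leaky(base, exp, n):
    """Left-to-right square-and-multiply with the 'skip unnecessary work' optimisation.

    The multiply is only performed for 1 bits of the secret exponent, so the
    operation count (and thus time and power) reveals its Hamming weight.
    Returns (result, number_of_multiplications)."""
    ops = OpCounter(n)
    result = 1
    for bit in bin(exp)[2:]:
        result = ops.mul(result, result)
        if bit == "1":                      # secret-dependent branch
            result = ops.mul(result, base)
    return result, ops.mults


def modexp_ladder(base, exp, n):
    """Montgomery ladder: one multiply and one squaring per bit, whatever the bit is.

    The bit only chooses which register receives which product, implemented here
    as an arithmetic conditional swap so that there is no secret-dependent branch.
    Returns (result, number_of_multiplications)."""
    ops = OpCounter(n)
    r0, r1 = 1, base % n
    for bit in bin(exp)[2:]:
        mask = -int(bit)                    # 0 for a 0 bit, all ones (-1) for a 1 bit
        t = (r0 ^ r1) & mask                # swap the registers when the bit is 1
        r0, r1 = r0 ^ t, r1 ^ t
        r1 = ops.mul(r0, r1)
        r0 = ops.mul(r0, r0)
        t = (r0 ^ r1) & mask                # swap back
        r0, r1 = r0 ^ t, r1 ^ t
    return r0, ops.mults


def count_profile(modexp, base, n, exponents):
    """Operation counts for several secrets of the same bit length: constant iff no leak."""
    return [modexp(base, e, n)[1] for e in exponents]


if __name__ == "__main__":
    n = 2**61 - 1                                      # toy modulus (a Mersenne prime)
    keys = [0b1000000, 0b1010101, 0b1111111]           # same length, different weight
    print("leaky :", count_profile(modexp_leaky, 3, n, keys))    # differs per key
    print("ladder:", count_profile(modexp_ladder, 3, n, keys))   # identical
```

The ladder only removes the operation-count dependence; a production implementation must also keep memory access patterns and the multiplier's own data-dependent behaviour independent of the key, which is why the text treats the electric power difference analysis as a separate attack.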

DISCLOSURE OF INVENTION

It is the first object of the invention to provide a storage apparatus in which security is improved.

The second object of the invention is to provide a storage apparatus in which manufacturing is simplified.

To accomplish the first object, the invention comprises: a memory in which data can be stored; a processing apparatus which can store the data and execute a security process of the data; and a controller for controlling the memory and the processing apparatus on the basis of a command from an external host apparatus.

To accomplish the first object, the invention also comprises: a flash memory chip; a controller; an external terminal; and an IC chip, wherein a ground terminal of the IC chip is connected to the external terminal, and a power input terminal, a reset input terminal, a clock input terminal, and a data input/output terminal of the IC chip are connected to the controller.

To accomplish the second object, the invention comprises: a flash memory chip in which data can be stored; a controller for controlling read/write of the data from/to the flash memory chip; and an IC chip, wherein the IC chip is installed after it has previously been certified by the evaluation and certification facilities.

Other objects, features, and advantages of the invention will be apparent from the following description of the embodiments of the invention in conjunction with the accompanying drawings.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 is a diagram showing an internal construction of an MMC to which the invention is applied.

FIG. 2 is a diagram showing an internal construction of a host apparatus of the MMC to which the invention is applied and a connecting state of the host apparatus and the MMC.

FIG. 3 is a diagram showing signal waveforms upon cold resetting of an IC card chip.

FIG. 4 is a diagram showing signal waveforms upon warm resetting of the IC card chip.

FIG. 5 is a diagram showing signal waveforms upon IC card command processing of the IC card chip.

FIG. 6 is a diagram showing signal waveforms upon inactivation of the IC card chip.

FIG. 7 is a flowchart showing an access to the MMC by the host apparatus.

FIG. 8 is a table showing IC card control parameters and contents of processes to an IC card corresponding to the parameters.

FIG. 9 is a detailed flowchart for primary IC card initialization for the IC card chip.

FIG. 10 is a detailed flowchart for secondary IC card initialization for the IC card chip.

FIG. 11 is a diagram showing signal waveforms upon IC card initialization for the IC card chip in an inactive state.

FIG. 12 is a diagram showing signal waveforms upon IC card initialization for the IC card chip in an active state.

FIG. 13 is a detailed flowchart for a security process by the IC card chip.

FIG. 14 is a diagram showing signal waveforms and a flash memory chip access at the time of processing a security processing request write command.

FIG. 15 is a diagram showing an example of signal waveforms and a flash memory chip access at the time of executing the security process by the IC card chip.

FIG. 16 is a diagram showing signal waveforms and a flash memory chip access at the time of processing a security processing result read command.

FIG. 17 is a diagram showing a correspondence relation between an MMC external terminal and an IC card chip external terminal in an interface direct mode.

FIG. 18 is a flowchart for a process for shifting to the interface direct mode and a process for returning from the interface direct mode.

FIG. 19 is a diagram showing signal waveforms at the time of the process for shifting to the interface direct mode.

FIG. 20 is a diagram showing signal waveforms at the time of the process for returning from the interface direct mode.

FIG. 21 is a diagram showing an internal construction of a flash memory chip.

FIG. 22 is a diagram simply showing an internal construction of the MMC to which the invention is applied.

FIG. 23 is a diagram showing an example in which the MMC to which the invention is applied is applied to contents distribution.

FIG. 24 is a diagram simply showing an internal construction of an SD card to which the invention is applied.

FIG. 25 is a diagram simply showing an internal construction of a memory stick to which the invention is applied.

FIG. 26 is a diagram showing an internal construction of the IC card chip of the invention.

FIG. 27 is a diagram showing an example of a security processing request and each data format of a security processing result.

BEST MODE FOR CARRYING OUT THE INVENTION

An embodiment of the invention will be described hereinbelow.

FIG. 22 simply shows an internal constructional diagram of a Multi Media Card (Multi Media Card is a registered trademark of Infineon Technologies AG; hereinafter abbreviated to “MMC”) to which the invention is applied. It is desirable that an MMC 110 complies with the Multi Media Card specifications. The MMC 110 has a security processing function such that a host apparatus 220 connected to the outside issues a memory card command according to the Multi Media Card specifications, thereby executing a cryptographic arithmetic operation which is necessary for protection of secret data, personal identification, or the like. The host apparatus 220 corresponds to, for example, a cellular phone, a Personal Digital Assistant (PDA), a personal computer, a music player (and recorder), a camera, a video camera, an automatic teller machine, a kiosk terminal, a settlement terminal, or the like. The MMC 110 has an MMC external terminal 140, a controller chip 120, a flash memory chip 130, and an IC card chip 150. The flash memory chip 130 is a memory chip using a non-volatile semiconductor memory as a memory medium and can read and write data by a flash memory command. The MMC external terminal 140 is constructed by seven terminals and includes a power supply terminal, a clock input terminal, a command input/output terminal, a data input/output terminal, and a ground terminal in order to exchange information with the external host apparatus 220. The controller chip 120 is connected to the other component elements (MMC external terminal 140, flash memory chip 130, and IC card chip 150) in the MMC 110 and is a microcomputer chip for controlling them. The IC card chip 150 is a microcomputer chip of the kind that is embedded into the plastic substrate of an IC card, and its external terminals, electric signal protocol, and commands comply with the ISO/IEC 7816 standard. As external terminals of the IC card chip 150, there are a power supply terminal, a clock input terminal, a reset input terminal, an I/O input/output terminal, and a ground terminal. The controller chip 120 issues an IC card command to the IC card chip 150 through the external terminals of the IC card chip 150, thereby executing an arithmetic operation necessary for a security process requested from the external host apparatus 220.

FIG. 26 is a diagram showing an internal construction of the IC card chip of the invention. The IC card chip 150 comprises: a CPU (microcomputer) 158 for executing an arithmetic operating process; a ROM (Read Only Memory) 159, a RAM (Random Access Memory) 160, and an EEPROM (Electrically Erasable Programmable ROM) 162 for storing data (including a program); a cryptography coprocessor 163 for executing processes regarding encryption/decryption; and a serial interface 161 for transmitting and receiving data to/from the outside. Those component elements are connected by a bus 164. The IC card chip 150 itself can execute the security process by the cryptography coprocessor 163 in accordance with a command from the host apparatus 220. The CPU 158 can also execute the security process in accordance with a program (software) in place of the cryptography coprocessor 163 (hardware).

Although the flash memory chip 130 is a storage apparatus, no microcomputer exists in it. The security process is executed, for example, when data is written into a storing area in the IC card chip 150 or when the data is read out from the storing area in the IC card chip 150. The memory capacity of the EEPROM of the IC card chip 150 is typically smaller than that of the flash memory chip 130. However, the memory capacity of the EEPROM of the IC card chip 150 can also be equal to or larger than that of the flash memory chip 130.

As the IC card chip 150, a product which has been evaluated and certified by the evaluation and certification facilities of ISO/IEC 15408, the international standard of security evaluation criteria, is used. Generally, when an IC card having a function for executing the security process is used in an actual electronic fund transfer service or the like, the IC card needs to be evaluated and certified by the evaluation and certification facilities of ISO/IEC 15408. In the case where the MMC 110 is realized by adding the function for executing the security process to the MMC and is used in an actual electronic fund transfer service or the like, the MMC 110 also similarly needs to be evaluated and certified by the evaluation and certification facilities of ISO/IEC 15408. According to the invention, the MMC 110 has therein the IC card chip 150 which has already been certified by the evaluation and certification facilities, and has a structure for executing the security process by using the IC card chip 150, thereby obtaining the security processing function. Therefore, the MMC 110 can easily satisfy the security evaluation criteria based on ISO/IEC 15408, and the development period necessary for adding the security processing function to the MMC can be shortened.

It is preferable that the MMC 110 has an external interface according to the Multi Media Card specifications. The MMC 110 needs to receive a command for executing the security process in addition to a standard memory card command (a command for accessing the flash memory chip 130) via one kind of external interface. The controller chip 120 has a function for selecting the chip to be accessed in accordance with whether the command received by the MMC 110 is the standard memory card command or the command for executing the security process, and for distributing the command processes accordingly. According to the invention, if the standard memory card command is received, the flash memory chip 130 is selected, a flash memory command is issued thereto, and host data can be read/written. If the command for executing the security process is received, the IC card chip 150 is selected, an IC card command is issued thereto, and the security process can be executed.

Of the external terminals of the IC card chip 150, the power supply terminal, the clock input terminal, the reset input terminal, and the I/O input/output terminal, that is, all except the ground terminal, are connected to the controller chip 120.

The controller chip 120 controls the power supply and the clock supply to the IC card chip 150 via the power supply terminal and the clock input terminal. According to the invention, when no security process is required from the host apparatus 220, the power supply and the clock supply to the IC card chip 150 can be stopped and the electric power consumption of the MMC 110 can be saved.

To set the IC card chip 150, to which no power is supplied, into a state where it can receive the IC card command, it is first necessary to start the power supply to the IC card chip 150 and execute a resetting process (including the start of the clock supply). For example, when the MMC 110 receives the command for executing the security process from the host apparatus 220, the controller chip 120 can start the power supply to the IC card chip 150 via the power supply terminal by using the receiving timing as a trigger. It is also possible to construct the MMC in such a manner that, even when the security process is not executed, the power supply to the IC card chip 150 is maintained, and when the MMC 110 receives the command for executing the security process from the host apparatus 220, the controller chip 120 executes the resetting process of the IC card chip 150 via the reset input terminal by using the receiving timing as a trigger. According to the invention, the controller chip 120 can stop the supply of both the power source and the clock to the IC card chip 150, or only the clock supply, until the command for executing the security process is received. Therefore, the electric power consumption of the MMC 110 can be saved. When the IC card chip 150 supports the operation of a sleep mode, the electric power consumption can be reduced considerably merely by stopping only the clock supply when the security process is not executed. This is because the electric characteristics of the IC card at a power voltage of 3 V have been specified as a maximum of 50 mA in the normal operating mode and a maximum of 0.5 mA in the clock stop state on the basis of the ISO/IEC 7816-3 standard. The sleep mode is an operating mode in which, even if the clock supply is stopped, the internal state (data held in a register or a RAM of the core CPU) of the IC card chip 150 is held as long as the power source is supplied.

The controller chip 120 has a function such that the clock signal which is supplied to the IC card chip 150 via the clock input terminal of the IC card chip 150 is generated in the MMC 110, and its frequency, supply start timing, and supply stop timing are controlled by the controller chip 120. According to the invention, since the operation of the IC card chip 150 can be made independent of the clock signal at the clock input terminal of the MMC external terminal 140, the security is improved against the attacking methods called timing analysis, electric power difference analysis, and failure use analysis performed by the host apparatus 220: the host apparatus 220 can neither fluctuate the clock of the IC card chip 150 nor observe its operation with cycle-level resolution. The host apparatus 220 still supplies the power source of the MMC 110 and still observes the timing of the memory card responses, so the countermeasures of the IC card chip 150 itself remain necessary.

FIG. 21 shows a detailed internal construction of the flash memory chip 130. The flash memory chip 130 includes a host data area 2115 and a managing area 2110. The host data area 2115 is an area where logical addresses have been mapped on a sector unit basis and where the host apparatus 220 can designate a logical address and read and write data. The host data area 2115 includes a user file area 2130 and a security process application area 2120. The user file area 2130 is an area where the user can freely read and write file data. The security process application area 2120 is an area where the host apparatus 220 stores data necessary for a security process application. The security process application of the host apparatus 220 logically limits the user's access so that the user cannot illegally access this area; this limitation is enforced by the software of the host apparatus 220, not by the MMC 110, since the area 2120 lies inside the host data area 2115 and is addressable by memory card commands. As data which is stored here, an application program of the host apparatus 220, dedicated data of the application, and a certificate and the like which are used in the security process (for example, an electronic fund transfer application program, electronic fund transfer log information, an electronic fund transfer service certificate, etc.) can be stored. According to the invention, the MMC 110 stores, in place of the host apparatus 220, the data which is used when the host apparatus 220 executes the security process, so that usability is improved for the host apparatus 220. The managing area 2110 is an area for storing information for allowing the controller chip 120 to manage the IC card chip 150. The managing area 2110 includes an IC card control parameter area 2111, an IC card environment setting information area 2112, a CLK2 setting information area 2113, a security process buffer area 2114, and a security process status area 2116. A detailed using method of the areas 2111 to 2116 will be described later.

The controller chip 120 uses the security process buffer area 2114 in the managing area 2110 of the flash memory chip 130 as a main memory or a buffer memory at the time of executing the security process in the IC card chip 150. When the host apparatus 220 accesses the MMC 110 by the command for executing the security process, if the MMC 110 receives from the host apparatus 220 security related data of a size so large that it cannot be transmitted to the IC card chip 150 in one piece, the controller chip 120 selects the access to the flash memory chip 130 and temporarily stores the data into the security process buffer area 2114, which has a sufficiently large capacity. A size at which the data cannot be transmitted in one piece to the IC card chip 150 is a size exceeding the permissible data size (for example, 255 bytes or 256 bytes) of one IC card command. The controller chip 120 divides the data into pieces of a size which can be transmitted to the IC card chip 150, reads out the divided data from the flash memory chip 130, and transmits the pieces to the IC card chip 150 one after another. That is, the read/write of the divided data is repeated. According to the invention, since security related data of a large size can be handled for the host apparatus 220, the usability of the security process is improved.

With respect to the managing area 2110 including the security process buffer area 2114, host access is physically limited by the controller chip 120 so that the host apparatus 220 cannot illegally access it and analyze the security process. That is, the host apparatus 220 cannot directly write and read data into/from the managing area 2110. According to the invention, since the host apparatus 220 cannot freely read out and alter the contents of the security process buffer area 2114, the reliability and safety of the security process are improved.
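The three mechanisms just described (routing of standard versus security commands, chunking of a large security request into IC card commands through the buffer area 2114, and the managing area having no host-addressable location) as one runnable model. This is an added example, not the patent's firmware: the command names, the sector size, the buffer layout, and the IC card chip's command class and instruction byte are assumptions; the 255-byte data limit and the command-chaining bit in CLA follow ISO/IEC 7816-4, and the status words 9000 and 6700 are the standard ones.

```python
"""Controller-chip command routing, chunking of a security request into IC card commands,
and the host-inaccessible managing area: an added example, not the patent's firmware.
Command names, sector size, buffer layout and the chip's CLA/INS are assumptions."""

SECTOR_SIZE = 512
APDU_MAX_DATA = 255          # short-form Lc field of an ISO/IEC 7816-4 command APDU
CLA_BASE = 0x80              # assumed proprietary command class of the IC card chip
CLA_CHAIN = 0x10             # ISO/IEC 7816-4 command-chaining bit: more pieces follow
INS_PUT_DATA = 0xDA          # assumed INS: deliver one piece of the security request
SW_OK = b"\x90\x00"
SW_WRONG_LENGTH = b"\x67\x00"


class FlashMemoryChip:
    """Host data area addressed by logical sector, plus a managing area that has no
    logical address at all, so no memory card command can name it."""

    def __init__(self, host_sectors):
        self.host_sectors = host_sectors
        self.host_data = {}                                  # logical sector -> bytes
        self.managing = {"buffer": b"", "status": SW_OK}     # areas 2114 and 2116

    def read(self, lba):
        return self.host_data.get(lba, b"\xff" * SECTOR_SIZE)

    def write(self, lba, data):
        self.host_data[lba] = data[:SECTOR_SIZE].ljust(SECTOR_SIZE, b"\xff")


class ICCardChip:
    """Takes one command APDU at a time; the data field must be exactly Lc bytes, Lc <= 255."""

    def __init__(self):
        self.received = bytearray()

    def process(self, apdu):
        if len(apdu) < 5:
            return SW_WRONG_LENGTH
        cla, ins, p1, p2, lc = apdu[:5]
        data = apdu[5:]
        if lc == 0 or lc > APDU_MAX_DATA or len(data) != lc:
            return SW_WRONG_LENGTH
        self.received += data
        return SW_OK


def build_apdus(data):
    """Divide a security request into chained APDUs of at most 255 data bytes each."""
    pieces = [data[i:i + APDU_MAX_DATA] for i in range(0, len(data), APDU_MAX_DATA)]
    apdus = []
    for idx, piece in enumerate(pieces):
        cla = CLA_BASE | (CLA_CHAIN if idx < len(pieces) - 1 else 0)
        apdus.append(bytes([cla, INS_PUT_DATA, 0x00, 0x00, len(piece)]) + piece)
    return apdus


class ControllerChip:
    def __init__(self, flash, card):
        self.flash, self.card = flash, card

    def handle(self, cmd, lba=None, payload=b""):
        """Entry point for every memory card command the host sends."""
        if cmd in ("READ_BLOCK", "WRITE_BLOCK"):
            # standard command: flash memory chip, confined to the host data area
            if lba is None or not 0 <= lba < self.flash.host_sectors:
                raise ValueError("logical address outside host data area")
            if cmd == "READ_BLOCK":
                return self.flash.read(lba)
            self.flash.write(lba, payload)
            return SW_OK
        if cmd == "SECURITY_WRITE":
            # security command: stage the data in the buffer area the host cannot address
            self.flash.managing["buffer"] += payload
            return SW_OK
        if cmd == "SECURITY_EXEC":
            sw = SW_WRONG_LENGTH                         # nothing staged is an error
            for apdu in build_apdus(self.flash.managing["buffer"]):
                sw = self.card.process(apdu)
                if sw != SW_OK:
                    break                                # stop chaining on first failure
            self.flash.managing["buffer"] = b""
            self.flash.managing["status"] = sw
            return sw
        if cmd == "SECURITY_READ":
            return self.flash.managing["status"]
        raise ValueError(f"unknown command {cmd}")
```

The isolation of the managing area is structural rather than a permission check: the only way a host command reaches flash is through a logical sector number, and the buffer and status areas are not behind any sector number.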

FIG. 23 shows a security process of content distribution as an example of the security process using the MMC 110. A content provider 2310 is a dealer who sells content 2314 to the user who owns the MMC 110. In this example, the host apparatus 220 is a terminal which can be connected to the content provider 2310 via a network or the like. The user connects the MMC 110 to the host apparatus 220 and purchases the content 2314. The procedure will be described hereinbelow.

First, the host apparatus 220 issues to the MMC 110 a command for reading out a user certificate 2321 stored in the flash memory chip 130. The controller chip 120 of the MMC 110 reads out the user certificate 2321 stored in the security process application area 2120 of the flash memory chip 130 and transmits it to the host apparatus 220. The host apparatus 220 transmits it to the content provider 2310. The content provider 2310 verifies the digital signature appended to the user certificate 2321 (2311). If the verification is successful, a session key is generated by a random number generator (2312) and is encrypted by the user public key extracted from the user certificate 2321 (2313). Further, the content 2314 is encrypted by the session key (2315). The content provider 2310 transmits the result of step 2313 to the host apparatus 220. The host apparatus 220 issues to the MMC 110 the command requesting the security process of decrypting the result of step 2313 by a user private key 2322. The controller chip 120 issues to the IC card chip 150 the IC card command for decrypting the result of step 2313 by the user private key 2322. The IC card chip 150 decrypts the result of step 2313 by the user private key 2322 and obtains the session key (2323). The host apparatus 220 issues to the MMC 110 a command for outputting information showing whether the decrypting process was successful or not. The controller chip 120 constructs the information to be obtained by the host apparatus 220 on the basis of the decryption result (the IC card response showing whether the decrypting process was successful or not) which is outputted from the IC card chip 150. The MMC 110 transmits the information to the host apparatus 220.

Subsequently, the content provider 2310 transmits the result of step 2315 to the host apparatus 220. The host apparatus 220 issues to the MMC 110 the command requesting the security process of decrypting the result of step 2315 by the session key (the key obtained in step 2323). The controller chip 120 issues to the IC card chip 150 the IC card command for decrypting the result of step 2315 by the session key. The IC card chip 150 decrypts the result of step 2315 by the session key and reconstructs the content 2314 (2324). The controller chip 120 receives the content 2314 from the IC card chip 150 and writes it into the flash memory chip 130. The host apparatus 220 issues to the MMC 110 the command for outputting the information showing whether the decrypting process was successful or not. The controller chip 120 constructs the information to be obtained by the host apparatus 220 on the basis of the decryption result (the IC card response showing whether the decrypting process was successful or not) which is outputted from the IC card chip 150. The MMC 110 transmits the information to the host apparatus 220. When the host apparatus 220 notifies the content provider 2310 that the content was successfully received, the content provider 2310 charges the user named in the user certificate for the content fee. The user can read out and use the content 2314 stored in the flash memory chip 130 in the MMC 110 by means of the host apparatus 220. If a flash memory of a large capacity is used as the memory medium of the flash memory chip 130, the user can purchase a lot of content. Throughout the procedure the user private key 2322 and the session key are used only inside the IC card chip 150; the host apparatus 220 relays ciphertexts and status information but never handles a key.

According to the invention, both the security process and the content storage in content distribution can be easily realized by the MMC 110. The settlement of the charge for the content can also be made by using the IC card chip 150.
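The purchase exchange of FIG. 23 played end to end, with the content provider, the host apparatus, the controller chip and the IC card chip as separate parties. This is an added example and not code from the patent. The cryptography is a stand-in chosen so that the example runs with the Python standard library only: textbook, unpadded RSA over small Mersenne-prime moduli for the certificate signature and the session key wrapping, and an HMAC-SHA256 counter keystream in place of the unnamed content cipher; none of it is fit for real use. What the example shows is the message flow and where each key lives: the user private key 2322 exists only inside the IC card chip object, and the host function relays ciphertexts and status words without ever holding a key.

```python
"""The FIG. 23 purchase exchange: an added example, not the patent's own code. Cryptography is
a toy stand-in (textbook RSA, HMAC-SHA256 keystream); the flow and key placement are the point."""
import hashlib
import hmac
import secrets

KEY_LEN = 8                  # session key bytes; must stay below the toy user modulus
SW_OK = b"\x90\x00"
SW_CONDITIONS = b"\x69\x85"  # ISO/IEC 7816-4: conditions of use not satisfied


def rsa_keypair(p, q, e=65537):
    """Textbook RSA from two primes (toy sizes, constructed for this example only)."""
    return (p * q, e), (p * q, pow(e, -1, (p - 1) * (q - 1)))


def rsa_apply(msg, key):
    n, exp = key
    return pow(int.from_bytes(msg, "big"), exp, n).to_bytes((n.bit_length() + 7) // 8, "big")


def stream_xor(key, data):
    """Counter-mode keystream from HMAC-SHA256, standing in for the content cipher."""
    out = bytearray()
    for ctr in range(0, len(data), 32):
        block = hmac.new(key, ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[ctr:ctr + 32], block))
    return bytes(out)


CA_PUB, CA_PRIV = rsa_keypair(2**89 - 1, 2**107 - 1)       # certificate issuer (toy)
USER_PUB, USER_PRIV = rsa_keypair(2**31 - 1, 2**61 - 1)    # user key pair (toy)


def make_certificate(user_id, pub):
    """User certificate 2321: body plus the issuer's signature over SHA-256(body)[:16]."""
    body = f"{user_id}:{pub[0]}:{pub[1]}".encode()
    return body, rsa_apply(hashlib.sha256(body).digest()[:16], CA_PRIV)


def verify_certificate(body, sig):                                # step 2311
    expected = hashlib.sha256(body).digest()[:16]
    return rsa_apply(sig, CA_PUB).lstrip(b"\x00") == expected.lstrip(b"\x00")


class ICCardChip:
    """Holds the user private key 2322; it is used here and never returned."""

    def __init__(self, priv):
        self._priv = priv
        self._session_key = None

    def unwrap_session_key(self, wrapped):                        # step 2323
        self._session_key = rsa_apply(wrapped, self._priv)[-KEY_LEN:]
        return SW_OK

    def decrypt_content(self, ciphertext):                        # step 2324
        if self._session_key is None:
            return None, SW_CONDITIONS
        return stream_xor(self._session_key, ciphertext), SW_OK


class MMC:
    """Controller chip routing: certificate from flash, decryption to the IC card chip."""

    def __init__(self, card, certificate):
        self.card = card
        self.flash = {"user_certificate": certificate}            # area 2120

    def read_certificate(self):
        return self.flash["user_certificate"]

    def security_request(self, op, data):
        if op == "unwrap":
            return self.card.unwrap_session_key(data)
        plain, sw = self.card.decrypt_content(data)
        if sw == SW_OK:
            self.flash["content"] = plain                         # controller stores content
        return sw


class ContentProvider:
    def __init__(self, content):
        self.content = content

    def sell(self, cert_body, cert_sig):
        if not verify_certificate(cert_body, cert_sig):
            raise PermissionError("user certificate rejected")
        _, n, e = cert_body.decode().split(":")
        session_key = secrets.token_bytes(KEY_LEN)                # step 2312
        wrapped = rsa_apply(session_key, (int(n), int(e)))        # step 2313
        return wrapped, stream_xor(session_key, self.content)     # step 2315


def purchase(mmc, provider):
    """Host apparatus 220: relays messages, never sees a key, reads the content back."""
    wrapped, encrypted = provider.sell(*mmc.read_certificate())
    if mmc.security_request("unwrap", wrapped) != SW_OK:
        return None
    if mmc.security_request("decrypt", encrypted) != SW_OK:
        return None
    return mmc.flash["content"]
```

Two details worth noticing in the flow: the provider's decision to ship content rests entirely on the certificate signature, so a forged or altered certificate must fail at step 2311; and the IC card chip refuses the content-decryption command until a session key has been unwrapped, returning a status word instead of guessing, which is the "whether the decrypting process was successful" information the controller relays to the host.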

FIGS. 24 and 25 show simplified internal constructional diagrams in the case where the invention is applied to an SD card (a small memory card which has a width of 24 mm, a length of 32 mm, a thickness of 2.1 mm, and nine external terminals, and in which a flash memory is built) and a Memory Stick (Memory Stick is a registered trademark of Sony Corporation), respectively. An SD card 2410 to which the invention is applied includes: an SD card controller chip 2420; a flash memory chip 2430; an SD card external terminal 2440; and the IC card chip 150. A Memory Stick 2510 to which the invention is applied includes: a Memory Stick controller chip 2520; a flash memory chip 2530; a Memory Stick external terminal 2540; and the IC card chip 150. The flash memory chips 2430 and 2530 are memory chips using non-volatile semiconductor memories as memory media, and data can be read and written in each of them by a flash memory command. The SD card controller chip 2420 and the Memory Stick controller chip 2520 are microcomputer chips for controlling the other component elements in the SD card and the Memory Stick, respectively.

The SD card external terminal 2440 comprises nine terminals, arranged in order from the edge as a Data2 terminal 2441, a Data3 terminal 2442, a Com terminal 2443, a Vss terminal 2444, a Vdd terminal 2445, a Clock terminal 2446, a Vss terminal 2447, a Data0 terminal 2448, and a Data1 terminal 2449. The Vdd terminal 2445 is a power supply terminal. The Vss terminals 2444 and 2447 are ground terminals. The Data0 terminal 2448, Data1 terminal 2449, Data2 terminal 2441, and Data3 terminal 2442 are data input/output terminals. The Com terminal 2443 is a command input/output terminal. The Clock terminal 2446 is a clock input terminal. The SD card 2410 differs from the MMC 110 with respect to the specifications of the interface with an SD card host apparatus 2460 which is connected to the outside. However, since the SD card 2410 has external terminals which are very similar to the MMC external terminal 140 and operates by commands issued from the outside in a manner similar to the MMC 110, the invention can be applied to it.

The Memory Stick external terminal 2540 comprises ten terminals, arranged in order from the edge as a Gnd terminal 2541, a BS terminal 2542, a Vcc terminal 2543, a DIO terminal 2544, one reserved terminal (Rsv), an INS terminal 2545, another reserved terminal (Rsv), an SCK terminal 2546, a Vcc terminal 2547, and a Gnd terminal 2548. The Vcc terminals 2543 and 2547 are power supply terminals. The Gnd terminals 2541 and 2548 are ground terminals. The DIO terminal 2544 is a command and data input/output terminal. The SCK terminal 2546 is a clock input terminal. The Memory Stick 2510 differs from the MMC 110 with respect to the specifications of the interface with a Memory Stick host apparatus 2560 which is connected to the outside. However, since the Memory Stick 2510 operates by commands issued from the outside in a manner similar to the MMC 110, the invention can be applied to it.

FIG. 1 is shows a detailed internal constructional diagram of the MMC towhich the invention is applied. FIG. 2 shows a construction of the hostapparatus 220 connected to the MMC 110 in FIG. 1 and its connectingstate. The host apparatus 220 has a VCC1 power source 221, a CLK1oscillator 222, and a host interface 223.

The MMC 110 has the MMC external terminal 140 for exchanging informationwith the external host apparatus 220. The MMC external terminal 140includes seven terminals comprising a CS terminal 141, a CMD terminal142, a GND1 terminals 143 and 146, a VCC1 terminal 144, a CLK1 terminal145, and a DAT terminal 147. The Multi Media Card specifications specifytwo kinds of operating modes of the MMC such as MMC mode and SPI mode.Using methods of the MMC external terminal 140 are different independence on the operating mode. In the embodiment, the case of theoperation in the MMC mode will be described in detail. The VCC1 terminal144 is connected to the VCC1 power source 221 and is a power sourceterminal for supplying electric power to the MMC 110 from the hostapparatus 220. The GND1 terminals 143 and 146 are connected to the VCC1power source 221 and are electric ground terminals of the MMC 110. TheGND1 terminals 143 and 146 are electrically short-circuited in the MMC110. The CS terminal 141 is connected to the host interface 223 and isan input terminal which is used in the operation in the SPI mode. Whenthe host apparatus 220 accesses the MMC 110 in the SPI mode, an L-levelsignal is inputted to the CS terminal 141. In the operation in the MMCmode, there is no need to use the CS terminal 141. The CMD terminal 142is connected to the host interface 223 and is an input/output terminalwhich is used when the host apparatus 220 transmits a memory cardcommand according to the memory card interface specifications to the MMC110 or receives a memory card response according to the abovespecifications from the MMC 110. 
The DAT terminal 147 is connected tothe host interface 223 and is an input/output terminal which is usedwhen the host apparatus 220 transmits input data in a format accordingto the memory card I/F specifications to the MMC 110 or receives outputdata in a format according to the above specifications from the MMC 110.The CLK1 terminal 145 is connected to the CLK1 oscillator 222 and is aterminal to which the clock signal which is generated by the CLK1oscillator 222 is inputted. When the host apparatus 220 transmits andreceives the memory card command and the memory card response via theCMD terminal 142 or transmits and receives the host data via the DATterminal 147, the clock signal is inputted to the CLK1 terminal 145. Theclock signal is supplied to the host interface 223 from the CLK1oscillator 222. The memory card command, the memory card response, andthe host data are transferred between the host apparatus 220 and the MMC110 synchronizing with the clock signal which is generated by the CLK1oscillator 222 on a bit unit basis.

The MMC 110 has the controller chip 120. The controller chip 120 includes: a CPU 121; a flash memory I/F control circuit 122; an MMC I/F control circuit 123; a CLK0 oscillator 124; a VCC2 generator 125; a VCC2 control circuit 126; a CLK2 control circuit 127; and an IC card I/F control circuit 128. Those component elements 121 to 128 are made operative by electric power supplied from the host apparatus 220 via the VCC1 terminal 144 and the GND1 terminals 143 and 146. The MMC I/F control circuit 123 is connected to the CS terminal 141, CMD terminal 142, CLK1 terminal 145, and DAT terminal 147 and is a logic circuit for controlling the interface used when the MMC 110 exchanges information with the host apparatus 220 via those terminals. The CPU 121 is connected to the MMC I/F control circuit 123 and controls it. When the MMC I/F control circuit 123 receives the memory card command from the host apparatus 220 via the CMD terminal 142, it transmits a response to the host apparatus 220 via the CMD terminal 142 in order to notify the host apparatus 220 whether the reception of the command was successful or not. The CPU 121 interprets the received memory card command and executes a process according to the contents of the command. If it is necessary to transmit and receive data to/from the host apparatus 220 via the DAT terminal 147 in accordance with the command contents, the CPU 121 passes the data to the MMC I/F control circuit 123 or obtains the data from the MMC I/F control circuit 123. Further, the CPU 121 also controls the data transfer procedure between the MMC I/F control circuit 123 and the host apparatus 220. For example, the CPU 121 outputs an L-level signal to the DAT terminal 147 to notify the host apparatus 220 that the MMC 110 is busy, so that the host apparatus 220 does not stop the power supply to the MMC 110 while the data received from the host apparatus 220 is being processed. The CLK0 oscillator 124 is connected to the CPU 121 and supplies the drive clocks that make the CPU 121 operative. Although the IC card chip 150 needs drive clocks, the flash memory chip 130 does not. However, both the IC card chip 150 and the flash memory chip 130 need data transfer clocks for transferring data.

The MMC 110 has the flash memory chip 130. The flash memory chip 130 is a memory chip using a non-volatile semiconductor memory as its memory medium. The flash memory chip 130 is made operative by electric power supplied from the host apparatus 220 via the VCC1 terminal 144 and the GND1 terminals 143 and 146. The flash memory chip 130 has a writing function for storing inputted data into the non-volatile semiconductor memory and a reading function for outputting the data stored in this memory to the outside, in accordance with a flash memory command inputted from the outside. The flash memory I/F control circuit 122 is a logic circuit for issuing the flash memory command to the flash memory chip 130 and transferring the data which is inputted or outputted by such a command. The CPU 121 controls the flash memory I/F control circuit 122 so as to make the flash memory chip 130 execute the writing or reading function. When data received from the host apparatus 220 must be written into the flash memory chip 130, or data stored in the flash memory chip 130 must be transmitted to the host apparatus 220, the CPU 121 controls the data transfer between the flash memory I/F control circuit 122 and the MMC I/F control circuit 123.

The MMC 110 has the IC card chip 150. The IC card chip 150 is an IC chip designed to be embedded into the substrate of an IC card and has eight external terminals which comply with the external terminal standard of the IC card. Six of them have functions assigned by the external terminal standard of the IC card; the remaining two are spare terminals reserved for future use. The six terminals are a VCC2 terminal 151, an RST terminal 152, a CLK2 terminal 153, a GND2 terminal 155, a VPP terminal 156, and an I/O terminal 157.

The ground terminal of the IC card chip 150 is connected to the GND1 (ground terminal) 146 of the MMC external terminal 140. The VCC2 terminal (power input terminal) 151 of the IC card chip 150 is connected to the VCC2 control circuit 126 of the controller chip 120. The RST terminal (reset input terminal) 152 and the I/O terminal (data input/output terminal) 157 of the IC card chip 150 are connected to the IC card I/F control circuit 128 of the controller chip 120. The CLK2 terminal (clock input terminal) 153 of the IC card chip 150 is connected to the CLK2 control circuit 127 of the controller chip 120.

The VCC terminal (power input terminal) of the flash memory chip 130 is connected to the VCC1 144 of the MMC external terminal 140. The VSS terminal (ground terminal) of the flash memory chip 130 is connected to the GND1 146 of the MMC external terminal 140. The I/O terminal (data input/output terminal), ready/busy terminal, chip enable terminal, output enable terminal, write enable terminal, clock terminal, and reset terminal of the flash memory chip 130 are connected to the flash memory I/F control circuit 122 of the controller chip 120.

The VCC2 terminal 151 is a power source terminal for supplying electric power to the IC card chip 150. The VCC2 control circuit 126 is a circuit for controlling the start and stop of the power supply to the VCC2 terminal 151 by a switching circuit using a MOS-FET device. The VCC2 generator 125 generates the voltage supplied to the VCC2 terminal 151 and supplies it to the VCC2 control circuit 126. The electric signal standard of the IC card specifies Class A and Class B as operation classes of the IC card. The standard voltage supplied to the VCC2 terminal 151 is 5 V in Class A and 3 V in Class B. Although the present invention can be applied irrespective of the operation class of the IC card chip 150, the embodiment describes in detail the case where the IC card chip 150 operates in Class B. The VPP terminal 156 is a terminal for supplying the variable voltage used for writing or erasing data into/from the internal non-volatile memory when the IC card chip 150 operates in Class A. The VPP terminal 156 is not used when the IC card chip 150 operates in Class B. The GND2 terminal 155 is the electric ground terminal of the IC card chip 150 and is short-circuited to the GND1 terminals 143 and 146. The VCC2 control circuit 126 is connected to the CPU 121, and the CPU 121 can control the start and stop of the power supply to the VCC2 terminal 151. When the IC card chip 150 is not in use, the CPU 121 can stop the power supply to the VCC2 terminal 151. By stopping the power supply to the IC card chip 150, the MMC 110 saves the electric power that the IC card chip 150 would consume. However, once the power supply is stopped, the internal state of the IC card chip 150 is not maintained, except for the data stored in the non-volatile memory inside the IC card chip 150.

The CLK2 terminal 153 is a terminal for inputting a clock signal to the IC card chip 150. The CLK2 control circuit 127 is a circuit for supplying clocks to the CLK2 terminal 153. The CLK2 control circuit 127 generates the clock signal supplied to the CLK2 terminal 153 on the basis of the clock signal supplied from the CLK0 oscillator 124. The CLK2 control circuit 127 is connected to the CPU 121, and the CPU 121 can control the start and stop of the clock supply to the CLK2 terminal 153. The IC card chip 150 has no drive clock oscillator of its own. Therefore, the IC card chip 150 is made operative by the drive clocks supplied at the CLK2 terminal 153. When the CLK2 control circuit 127 stops the clock supply to the CLK2 terminal 153, the operation of the IC card chip 150 stops, so the electric power consumption of the IC card chip 150 can be saved. At this time, if the power supply to the VCC2 terminal 151 is held, the internal state of the IC card chip 150 is maintained. If the frequency of the clock signal supplied to the CLK2 terminal 153 is F2, the frequency of the clock signal supplied from the CLK0 oscillator 124 is F0, and P and Q are positive integers, the CLK2 control circuit 127 forms a clock signal satisfying the relation F2 = (P/Q)*F0 and supplies it to the CLK2 terminal 153. The values of P and Q can be set by the CPU 121. If F2 is increased by setting P to a large value, the internal process of the IC card chip 150 is driven at a higher speed. If F2 is decreased by setting Q to a large value, the internal process of the IC card chip 150 is driven at a lower speed, so that the electric power consumption of the IC card chip 150 can be saved. The drive clock frequency of the IC card chip 150 must be kept within the allowable frequency range in which the IC card chip 150 operates correctly. For this purpose, the CLK2 control circuit 127 refuses to set values of P and Q for which F2 would fall outside the allowable frequency range.

The I/O terminal 157 is an input/output terminal used when the IC card command is inputted to the IC card chip 150 or the IC card chip 150 outputs the IC card response. The IC card I/F control circuit 128 is connected to the I/O terminal 157 and is a circuit for transmitting the IC card command and receiving the IC card response via the I/O terminal 157. The IC card I/F control circuit 128 is connected to the CPU 121. The CPU 121 controls the transmission and reception procedures for the IC card command and the IC card response executed by the IC card I/F control circuit 128, sets the IC card command data to be transmitted into the IC card I/F control circuit 128, and obtains the received IC card response from the IC card I/F control circuit 128. The clock is supplied from the CLK2 control circuit 127 to the IC card I/F control circuit 128. The IC card command and the IC card response are transmitted and received via the I/O terminal 157 bit by bit, in synchronization with the clock signal supplied to the CLK2 terminal 153. The RST terminal 152 is a terminal for inputting a reset signal when the IC card chip 150 is reset. The IC card I/F control circuit 128 is connected to the RST terminal 152 and can send the reset signal to the IC card chip 150 on an instruction from the CPU 121.

The IC card chip 150 exchanges information on the basis of the electric signal standard and command standard of the IC card. There are four kinds of access patterns to the IC card chip 150, and each pattern will be explained using FIGS. 3 to 6. FIG. 3 schematically shows the signal waveforms at the external terminals of the IC card chip 150 in a process in which the IC card chip 150 is activated from the inactive state (the state where the power source is shut off) and initializes its internal state on an instruction from the CPU 121 (such a process is called a “cold reset” hereinbelow). FIG. 4 schematically shows the signal waveforms at the external terminals of the IC card chip 150 in a process in which the IC card chip 150 initializes its internal state while in the active state (the state where the power source is supplied) on an instruction from the CPU 121 (such a process is called a “warm reset” hereinbelow). FIG. 5 schematically shows the signal waveforms at the external terminals of the IC card chip 150 in a process in which the IC card command is transmitted to the IC card chip 150 and the IC card response is received from the IC card chip 150 on an instruction from the CPU 121. FIG. 6 schematically shows the signal waveforms at the external terminals of the IC card chip 150 in a process in which the IC card chip 150 is inactivated on an instruction from the CPU 121. In FIGS. 3 to 6, time runs from left to right, and the signals observed at the VCC2 terminal 151, RST terminal 152, CLK2 terminal 153, and I/O terminal 157 are shown from the upper row toward the lower row. A broken line indicates the base (L level) of each signal.

The cold reset operation of the IC card chip 150 will be described with reference to FIG. 3. First, the IC card I/F control circuit 128 sets the RST terminal 152 to the L level (301). Subsequently, the VCC2 control circuit 126 starts the power supply to the VCC2 terminal 151 (302). Subsequently, the CLK2 control circuit 127 starts the supply of the clock signal to the CLK2 terminal 153 (303). Subsequently, the IC card I/F control circuit 128 sets the I/O terminal 157 into the state Z (pulled-up, high-impedance condition) (304). Subsequently, the IC card I/F control circuit 128 sets the RST terminal 152 to the H level (305). Subsequently, the IC card I/F control circuit 128 starts the reception of the answer-to-reset outputted from the I/O terminal 157 (306). After completion of the reception of the answer-to-reset, the CLK2 control circuit 127 stops the supply of the clock signal to the CLK2 terminal 153 (307). The cold reset operation is completed in this manner. Step 307 is a measure to reduce the electric power consumption and can be omitted.

The warm reset operation of the IC card chip 150 will be described with reference to FIG. 4. First, the CLK2 control circuit 127 starts the supply of the clock signal to the CLK2 terminal 153 (401). Subsequently, the IC card I/F control circuit 128 sets the RST terminal 152 to the L level (402). Subsequently, the IC card I/F control circuit 128 sets the I/O terminal 157 into the state Z (403). Subsequently, the IC card I/F control circuit 128 sets the RST terminal 152 to the H level (404). Subsequently, the IC card I/F control circuit 128 starts the reception of the answer-to-reset outputted from the I/O terminal 157 (405). After completion of the reception of the answer-to-reset, the CLK2 control circuit 127 stops the supply of the clock signal to the CLK2 terminal 153 (406). The warm reset operation is completed in this manner. Step 406 is a measure to reduce the electric power consumption and can be omitted.

The operation for transmitting the IC card command to the IC card chip 150 and receiving the IC card response from the IC card chip 150 will be described with reference to FIG. 5. First, the CLK2 control circuit 127 starts the supply of the clock signal to the CLK2 terminal 153 (501). If the clock is already being supplied, step 501 is unnecessary. Subsequently, the IC card I/F control circuit 128 starts the transmission of the command data to the I/O terminal 157 (502). After completion of the transmission of the command data, the IC card I/F control circuit 128 sets the I/O terminal 157 into the state Z (503). Subsequently, the IC card I/F control circuit 128 starts the reception of the response data outputted from the I/O terminal 157 (504). After completion of the reception of the response data, the CLK2 control circuit 127 stops the supply of the clock signal to the CLK2 terminal 153 (505). The transmission of the IC card command and the reception of the IC card response are completed in this manner. Step 505 is a measure to reduce the electric power consumption and can be omitted.

The operation for inactivating the IC card chip 150 will be described with reference to FIG. 6. First, the CLK2 control circuit 127 sets the CLK2 terminal 153 to the L level (601). Subsequently, the IC card I/F control circuit 128 sets the RST terminal 152 to the L level (602). Subsequently, the IC card I/F control circuit 128 sets the I/O terminal 157 to the L level (603). Finally, the VCC2 control circuit 126 stops the power supply to the VCC2 terminal 151 (604). The inactivating operation is completed in this manner.
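The four access patterns of FIGS. 3 to 6, as an added example that is not part of the patent: a Python model of the chip side of the VCC2, RST, CLK2 and I/O terminals together with the controller-side sequences. The IcCardChip class, its state checks, the event trace standing in for the waveforms, and the sample answer-to-reset and response bytes are all assumptions constructed for this example. The model encodes the rules the description states (the chip only works while CLK2 is supplied, stopping CLK2 keeps the internal state, stopping VCC2 loses it) and rejects sequences that violate them, such as raising RST on an unpowered chip or sending a command to an inactive one.

```python
# Added example, not the patent's circuits: chip-side model of the VCC2, RST,
# CLK2 and I/O terminals plus the controller sequences of FIGS. 3 to 6.

# Constructed sample bytes; the model does not interpret them.
SAMPLE_ATR = bytes.fromhex("3b00")
SAMPLE_RSP = bytes.fromhex("9000")


class IcCardChip:
    """No oscillator of its own, so the chip only works while CLK2 runs; stopping
    CLK2 keeps the internal state, stopping VCC2 loses it. Every terminal change
    is appended to `trace`, which stands in for the waveforms of the figures."""

    def __init__(self):
        self.vcc = False        # VCC2 terminal 151
        self.rst = 0            # RST terminal 152, 0 = L, 1 = H
        self.clk = False        # CLK2 terminal 153, True = clock supplied
        self.io = "L"           # I/O terminal 157: "L", "Z", "CMD", "ATR", "RSP"
        self.session = None     # volatile internal state, built by a reset
        self.pending = None     # command received, awaiting its response
        self.trace = []

    def set_vcc(self, on):
        self.vcc = on
        if not on:
            self.session = None  # internal state is not maintained without power
        self.trace.append(("VCC2", on))

    def set_clk(self, running):
        self.clk = running
        self.trace.append(("CLK2", running))

    def set_io(self, level):
        self.io = level
        self.trace.append(("I/O", level))

    def set_rst(self, level):
        """Returns the answer-to-reset when RST rises with power and clock present."""
        rising = self.rst == 0 and level == 1
        self.rst = level
        self.trace.append(("RST", level))
        if not rising:
            return None
        if not (self.vcc and self.clk):
            raise RuntimeError("RST raised while VCC2 or CLK2 is not supplied")
        self.session = {"selected": None}   # fresh internal state
        self.set_io("ATR")
        return SAMPLE_ATR

    def receive_command(self, command):      # controller drives I/O (502)
        if not (self.vcc and self.clk and self.rst == 1 and self.session):
            raise RuntimeError("chip is not active, reset and clocked")
        self.pending = command
        self.set_io("CMD")

    def send_response(self):                 # chip drives I/O (504)
        if self.pending is None or not self.clk:
            raise RuntimeError("no command to answer or clock stopped")
        self.session["selected"] = self.pending   # stand-in for real processing
        self.pending = None
        self.set_io("RSP")
        return SAMPLE_RSP


# Controller side; the step numbers are those of FIGS. 3 to 6.
def cold_reset(chip):
    chip.set_rst(0)              # 301
    chip.set_vcc(True)           # 302
    chip.set_clk(True)           # 303
    chip.set_io("Z")             # 304
    atr = chip.set_rst(1)        # 305, answer-to-reset received (306)
    chip.set_clk(False)          # 307, optional power saving
    return atr


def warm_reset(chip):
    chip.set_clk(True)           # 401
    chip.set_rst(0)              # 402
    chip.set_io("Z")             # 403
    atr = chip.set_rst(1)        # 404, 405
    chip.set_clk(False)          # 406, optional
    return atr


def send_command(chip, command):
    if not chip.clk:
        chip.set_clk(True)       # 501, skipped when the clock already runs
    chip.receive_command(command)   # 502
    chip.set_io("Z")             # 503
    rsp = chip.send_response()   # 504
    chip.set_clk(False)          # 505, optional
    return rsp


def inactivate(chip):
    chip.set_clk(False)          # 601, CLK2 held at L
    chip.set_rst(0)              # 602
    chip.set_io("L")             # 603
    chip.set_vcc(False)          # 604
```

Running cold_reset followed by send_command, warm_reset and inactivate on one IcCardChip reproduces the terminal order of the figures in `trace`; the checks in set_rst and receive_command are what a controller firmware would rely on the real chip to enforce by simply not answering.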

When the IC card chip 150 is idle (for example, in a state where no security process is being executed), it is also possible to stop only the clock supply while maintaining the power supply from the controller chip 120 to the IC card chip 150.

The IC card chip 150 has a security processing function for executing the cryptographic operations necessary for protection of secret data, personal identification, or the like. The IC card chip 150 exchanges information by transmitting and receiving the IC card command and the IC card response to/from the CPU 121, thereby transmitting a calculation result or stored information, changing stored information, or the like. The CPU 121 can execute the security process by using the IC card chip 150. When the MMC 110 receives a specific memory card command from the host apparatus 220, the CPU 121, using the command reception as a trigger, controls the power supply to the IC card chip 150 via the VCC2 control circuit 126, controls the clock supply to the IC card chip 150 via the CLK2 control circuit 127, or transmits the IC card command to the IC card chip 150 via the IC card I/F control circuit 128. Thus, the CPU 121 executes the security process required by the host apparatus 220 by using the IC card chip 150. The CPU 121 can also execute the security process by combining plural operations such as power supply control, clock supply control, IC card command transmission, and IC card response reception to/from the IC card chip 150, using the reception of the specific memory card command as a trigger. When the host apparatus 220 starts the power supply to the MMC 110, the CPU 121 can also execute the security process using the start of the power supply as a trigger. The result of the security process is constructed on the basis of the IC card response outputted by the IC card chip 150 and is held in the MMC 110. When the MMC 110 receives the specific memory card command from the host apparatus 220, the CPU 121 transmits the result of the security process to the host apparatus 220, using that reception as a trigger.

FIG. 7 shows a flowchart of the host apparatus 220 accessing the MMC 110. First, the host apparatus 220 starts the power supply to the VCC1 terminal 144 in order to activate the MMC 110 (701). The MMC 110 executes the primary IC card initializing process using this as a trigger (702). Details of the primary IC card initializing process will be explained later. Subsequently, the host apparatus 220 transmits an initializing command of the MMC 110 via the CMD terminal 142 in order to initialize the MMC 110 (703). The initializing command complies with the Multi Media Card specifications, and there are plural kinds of initializing commands. The host apparatus 220 may transmit plural initializing commands in order to initialize the MMC 110. When the MMC 110 receives an initializing command, it processes it (704). The MMC 110 executes the secondary IC card initializing process using this as a trigger (705). Details of the secondary IC card initializing process will be explained later. The host apparatus 220 receives the memory card response to the initializing command of the MMC 110 via the CMD terminal 142 and determines from the contents of the memory card response whether the initialization of the MMC 110 has been completed or not. If it is not completed yet, the initializing command is transmitted again (703). After completion of the initialization of the MMC 110, the host apparatus 220 enters a mode of waiting to transmit either a standard memory card command (a command for accessing the flash memory chip 130) complying with the Multi Media Card specifications or a specific memory card command (a command for accessing the IC card chip 150) concerning the foregoing security process (707). In the waiting mode, the host apparatus 220 can transmit the standard memory card command (708). When the MMC 110 receives the standard memory card command, it processes it (709). After completion of the process, the host apparatus 220 returns to the waiting mode (707). In this waiting mode, the host apparatus 220 can also transmit a security processing request write command (710). The security processing request write command is one kind of specific memory card command concerned with the foregoing security process and is a memory card command for transmitting a processing request that makes the MMC 110 execute the security process. When the MMC 110 receives the security processing request write command, the CPU 121 interprets the contents of the requested security process and describes the security process in the format of the IC card command (711). That is, the CPU 121 converts the memory card command received from the host apparatus 220 into an IC card command which the IC card chip 150 can interpret, in accordance with a predetermined rule. The requested security process is executed by issuing the IC card command thus obtained to the IC card chip 150, or the like (712). After completion of the process, the host apparatus 220 returns to the waiting mode (707). In the waiting mode, the host apparatus 220 can also transmit a security processing result read command (713). The security processing result read command is one kind of specific memory card command concerned with the foregoing security process and is a memory card command for receiving a processing result, so that the host apparatus 220 can learn the result of the execution by the MMC 110. When the MMC 110 receives the security processing result read command, the CPU 121 constructs the security processing result to be transmitted to the host apparatus 220 on the basis of the IC card response received from the IC card chip 150 (714). The host apparatus 220 receives the security processing result from the MMC 110. After completion of the reception, the host apparatus 220 returns to the waiting mode (707). Step 714 can also be executed in step 712.

In FIG. 7, the primary IC card initializing process and the secondary IC card initializing process executed in steps 702 and 705 are processes in which the CPU 121 accesses the IC card chip 150 in preparation for execution of the security process in the MMC 110. Specifically, the activation or inactivation of the IC card chip 150, the reset of the IC card chip 150, and the environment setting of the IC card chip 150 are executed. The environment setting means that information necessary for executing the security process (for example, information on the cryptographic algorithms which can be used, information regarding the private key and public key used in the cryptographic calculation, information regarding the authentication data used for personal identification, etc.) is read out from the IC card chip 150 or written into the IC card chip 150. The environment setting of the IC card chip 150 is performed by issuing N IC card commands (N is a positive integer) to the IC card chip 150. For example, if three session keys are necessary, the IC card command is issued three times, and if two session keys are necessary, it is issued twice. The N IC card commands can be different or identical. The value of N is not fixed but varies depending on circumstances. The IC card command issued in the environment setting is called a setting command hereinbelow. The IC card command for executing the security process on the basis of the environment setting is called a security command hereinbelow. Examples of security commands are commands for calculating a digital signature, verifying a digital signature, encrypting a message, decrypting an encrypted message, authenticating by a password, and the like.

The CPU 121 can freely change the contents of the environment setting of the IC card chip 150. The CPU 121 can change the contents in accordance with the contents or result of the security process, or can change them using the reception of a memory card command from the host apparatus as a trigger. The CPU 121 can also write information describing the contents of the environment setting into the flash memory chip 130, or read that information out from the flash memory chip 130 and use it as necessary. Such information is shown as IC card environment setting information 2112 in FIG. 21. Thus, even if the MMC 110 is inactivated, this information is retained, and the trouble of setting it anew each time the MMC 110 is activated is avoided.

The primary IC card initializing process and the secondary IC card initializing process are executed on the basis of the values set in the IC card control parameters A, B, and C. In the security process executed in step 712, the CPU 121 controls the activation and inactivation of the IC card chip 150 on the basis of the value set in the IC card control parameter D. FIG. 8 shows the kinds and set values of the IC card control parameters and the contents of the processes corresponding to them. First, parameter A concerns the primary IC card initializing process, which is executed when the power source is supplied to the MMC 110. When A=0, the CPU 121 does not access the IC card chip 150. When A=1, the CPU 121 cold-resets the IC card chip 150. When A=2, the CPU 121 cold-resets the IC card chip 150 and thereafter makes the environment setting of the IC card chip 150. When A=3, the CPU 121 cold-resets the IC card chip 150, thereafter makes the environment setting of the IC card chip 150, and finally inactivates the IC card chip 150. When A=0 or A=3, the IC card chip 150 is in the inactive state after completion of the primary IC card initializing process. When A=1 or A=2, the IC card chip 150 is in the active state after completion of the primary IC card initializing process. Next, parameters B and C concern the secondary IC card initializing process, which is executed when the MMC 110 processes an MMC initializing command. When B=0, the CPU 121 does not access the IC card chip 150. When B=1 and C=1, the CPU 121 resets (cold-resets or warm-resets) the IC card chip 150. When B=1 and C=2, the CPU 121 resets the IC card chip 150 and thereafter makes the environment setting of the IC card chip 150. When B=1 and C=3, the CPU 121 resets the IC card chip 150, thereafter makes the environment setting of the IC card chip 150, and finally inactivates the IC card chip 150. When B=2 and C=2, the CPU 121 makes the environment setting of the IC card chip 150. When B=2 and C=3, the CPU 121 makes the environment setting of the IC card chip 150 and thereafter inactivates the IC card chip 150. When B=3, the CPU 121 inactivates the IC card chip 150 if it is in the active state. Finally, parameter D indicates whether the IC card chip 150 is inactivated after the security process requested by the host apparatus 220 has been executed. When D=0, the CPU 121 does not inactivate the IC card chip 150 after the execution of the security process but holds it in the active state. When D=1, the CPU 121 inactivates the IC card chip 150 after the execution of the security process.

The CPU 121 can change the set values of the IC card control parameters A, B, C, and D. The CPU 121 can change those set values in accordance with the contents or result of the security process, or can change them using the reception of a memory card command from the host apparatus as a trigger. The CPU 121 can also write those set values into the flash memory chip 130, read them out from the flash memory chip 130, and use them as necessary. Those set values are shown as IC card control parameters 2111 in FIG. 21. Thus, even if the MMC 110 is inactivated, those set values are retained, and the trouble of setting them anew each time the MMC 110 is activated is avoided.

FIG. 9 shows a flowchart of the primary IC card initializing process. When the initializing process is started (901), first, whether the IC card control parameter A is equal to 0 or not is determined (902). If A=0, the initializing process is finished as it is (908). If A≠0, the IC card chip 150 is cold-reset (903). Subsequently, whether the IC card control parameter A is equal to 1 or not is determined (904). If A=1, the initializing process is finished (908). If A≠1, the environment setting of the IC card chip 150 is executed (905). Subsequently, whether the IC card control parameter A is equal to 2 or not is determined (906). If A=2, the initializing process is finished (908). If A≠2, the IC card chip 150 is inactivated (907). The initializing process is finished (908).

FIG. 10 shows a flowchart of the secondary IC card initializing process. When the initializing process is started (1001), first, whether the IC card control parameter B is equal to 0 or not is determined (1002). If B=0, the initializing process is finished as it is (1013). If B≠0, whether B=1 or not is determined (1003). If B=1, whether the IC card control parameter A is equal to 0 or 3 or not is determined (1004). If A=0 or 3, the IC card chip 150 is cold-reset (1005) and step 1007 follows. If A=1 or 2, the IC card chip 150 is warm-reset (1006) and step 1007 follows. In step 1007, whether the IC card control parameter C is equal to 1 or not is determined. If C=1, the initializing process is finished (1013). If C≠1, step 1009 follows. If B≠1 in step 1003, whether B=2 or not is determined (1008). If B=2, step 1009 follows. If B≠2, whether the IC card control parameter A is equal to 0 or 3 or not is determined (1011). If A=0 or 3, the initializing process is finished (1013). If A=1 or 2, step 1012 follows. In step 1009, the environment setting of the IC card chip 150 is made. Then whether the IC card control parameter C is equal to 2 or not is determined (1010). If C=2, the initializing process is finished (1013). If C≠2, step 1012 follows. In step 1012, the IC card chip 150 is inactivated. The initializing process is finished (1013).
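The decision logic of FIGS. 9 and 10 in executable form, as an added example that is not the patent's firmware. The two functions return the sequence of operations performed and the chip state afterwards, given the control parameters A, B and C of FIG. 8; the waveform_span helper maps such a sequence onto the time intervals of FIGS. 11 and 12 enumerated later in the description, which makes the flowchart and the waveform lists checkable against each other. The operation names, the state labels and the guard that rejects an environment setting on an inactive chip (FIG. 10 does not re-check the chip state at step 1009; FIG. 12 lists B=2 only for A=1 or 2) are assumptions of this example.

```python
# Added example, not the patent's firmware: FIG. 9 and FIG. 10 as functions of
# the IC card control parameters A, B and C of FIG. 8.

COLD, WARM, ENV, OFF = "cold_reset", "warm_reset", "env_setting", "inactivate"
INACTIVE, ACTIVE = "inactive", "active"


def primary_init(A):
    """Steps 901 to 908, executed when VCC1 is supplied to the MMC.
    Returns (operations performed, chip state afterwards)."""
    if A not in (0, 1, 2, 3):
        raise ValueError("A must be 0..3")
    ops = []
    if A == 0:                          # 902: no access to the IC card chip
        return ops, INACTIVE
    ops.append(COLD)                    # 903
    if A == 1:                          # 904
        return ops, ACTIVE
    ops.append(ENV)                     # 905
    if A == 2:                          # 906
        return ops, ACTIVE
    ops.append(OFF)                     # 907
    return ops, INACTIVE                # 908


def secondary_init(A, B, C=None):
    """Steps 1001 to 1013, executed when the MMC processes an initializing
    command. The chip state on entry is whatever primary_init(A) left."""
    if B in (1, 2) and C not in (1, 2, 3):
        raise ValueError("C must be 1..3 when B is 1 or 2")
    _, state = primary_init(A)
    ops = []
    if B == 0:                          # 1002
        return ops, state
    if B == 1:                          # 1003
        ops.append(COLD if state == INACTIVE else WARM)   # 1004 to 1006
        state = ACTIVE
        if C == 1:                      # 1007
            return ops, state
    elif B == 2:                        # 1008: straight to the environment setting
        pass
    elif B == 3:                        # 1011: inactivate only if the chip is active
        if state == ACTIVE:
            ops.append(OFF)             # 1012
            state = INACTIVE
        return ops, state
    else:
        raise ValueError("B must be 0..3")
    # 1009: environment setting. Added guard: a setting command needs an
    # active chip, so B=2 is only meaningful after A=1 or 2 (FIG. 12).
    if state != ACTIVE:
        raise ValueError("environment setting requires an active chip")
    ops.append(ENV)
    if C == 2:                          # 1010
        return ops, state
    ops.append(OFF)                     # 1012 (any C other than 2, i.e. C=3)
    return ops, INACTIVE


def waveform_span(ops):
    """Interval of FIG. 11 (sequence starting with a cold reset) or FIG. 12
    (otherwise) that an operation sequence covers, per the description."""
    if not ops:
        return None                     # no change in the signal waveforms
    base = 1100 if ops[0] == COLD else 1200
    start = {COLD: 1, WARM: 1, ENV: 3, OFF: 5}[ops[0]]
    end = {COLD: 3, WARM: 3, ENV: 5, OFF: 7}[ops[-1]]
    return base + start, base + end
```

For example, secondary_init(3, 1, 3) performs a cold reset (the chip was left inactive by A=3), the environment setting and the inactivation, and waveform_span maps that onto times 1101 to 1107 of FIG. 11; secondary_init(1, 3) performs only the inactivation, times 1205 to 1207 of FIG. 12.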

FIG. 11 schematically shows the signal waveforms at the external terminals of the IC card chip 150 in the case where the primary IC card initializing process or the secondary IC card initializing process is executed while the IC card chip 150 is in the inactive state. FIG. 12 schematically shows the signal waveforms at the external terminals of the IC card chip 150 in the case where the secondary IC card initializing process is executed while the IC card chip 150 is in the active state. In FIGS. 11 and 12, time runs from left to right, and the signals observed at the VCC2 terminal 151, RST terminal 152, CLK2 terminal 153, and I/O terminal 157 are shown from the upper row toward the lower row. A horizontal broken line indicates the base (L level) of each signal. In FIG. 11, reference numeral 1102 denotes the signal waveform of the cold reset shown in FIG. 3. In FIG. 12, reference numeral 1202 denotes the signal waveform of the warm reset shown in FIG. 4. In FIGS. 11 and 12, the first setting command processes 1104a and 1204a, the second setting command processes 1104b and 1204b, and the N-th setting command processes 1104c and 1204c each show the signal waveform of the IC card command process shown in FIG. 5. Each of the signal waveforms 1104 and 1204 of the environment setting of the IC card chip 150 consists of the series of signal waveforms of the N setting command processes. In FIGS. 11 and 12, reference numerals 1106 and 1206 denote the signal waveforms of the inactivation shown in FIG. 6. In FIGS. 11 and 12, each of the vertical broken lines 1101, 1103, 1105, 1107, 1201, 1203, 1205, and 1207 denotes a specific time: 1101 the time before the cold reset; 1201 the time before the warm reset; 1103 the time between the cold reset and the environment setting; 1203 the time between the warm reset and the environment setting; 1105 and 1205 the time between the environment setting and the inactivation; and 1107 and 1207 the time after the inactivation.

The signal waveforms upon execution of the primary IC card initializing process are shown in FIG. 11. When the IC card control parameter A is equal to 0, there is no change in the signal waveforms. When A=1, the signal waveforms in the range from time 1101 to time 1103 are obtained. When A=2, the signal waveforms in the range from time 1101 to time 1105 are obtained. When A=3, the signal waveforms in the range from time 1101 to time 1107 are obtained.

The signal waveforms upon execution of the secondary IC card initializing process when the IC card control parameter A is equal to 0 or 3 are shown in FIG. 11. When the IC card control parameter B is equal to 0, there is no change in the signal waveforms. When B=1 and the IC card control parameter C is equal to 1, the signal waveforms in the range from time 1101 to time 1103 are obtained. When B=1 and C=2, the signal waveforms in the range from time 1101 to time 1105 are obtained. When B=1 and C=3, the signal waveforms in the range from time 1101 to time 1107 are obtained.

The signal waveforms upon execution of the secondary IC card initializing process when the IC card control parameter A is equal to 1 or 2 are shown in FIG. 12. When the IC card control parameter B is equal to 0, there is no change in the signal waveforms. When B=1 and the IC card control parameter C is equal to 1, the signal waveforms in the range from time 1201 to time 1203 are obtained. When B=1 and C=2, the signal waveforms in the range from time 1201 to time 1205 are obtained. When B=1 and C=3, the signal waveforms in the range from time 1201 to time 1207 are obtained. When B=2 and C=2, the signal waveforms in the range from time 1203 to time 1205 are obtained. When B=2 and C=3, the signal waveforms in the range from time 1203 to time 1207 are obtained. When B=3, the signal waveforms in the range from time 1205 to time 1207 are obtained.

FIG. 13 is a flowchart of the security process that the CPU 121 executes, at the request of the host apparatus 220, by means of the IC card chip 150 in step 712 of FIG. 7. When the security process starts (1301), the CPU 121 first checks whether the IC card chip 150 is in the inactive state (1302). If it is inactive, the IC card chip 150 is cold-reset (1303) and the process proceeds to step 1306. If it is active, the process proceeds to step 1304. In step 1304, the CPU 121 determines whether the IC card chip 150 must be reset again before the IC card command is issued to it. If so, the IC card chip 150 is warm-reset (1305) and step 1306 follows; otherwise step 1306 follows directly. In step 1306, the CPU 121 determines whether the environment setting of the IC card chip 150 is necessary. If so, the environment setting is performed (1307) and step 1308 follows; otherwise step 1308 follows directly. In step 1308, the frequency F2 of the clock signal supplied to the CLK2 terminal of the IC card chip 150 is set. The CPU 121 then issues a security command to the IC card chip 150, which processes it (1309); the processing time of the security command depends on the clock frequency F2. Next, the CPU 121 determines from the IC card response output by the IC card chip 150 whether the command succeeded (1310). On success, step 1311 follows; on failure, step 1312 follows. In step 1311, the CPU 121 checks whether all security commands to be issued to the IC card chip 150 have been completed. If commands remain, step 1304 follows; if all have been completed, step 1314 follows. In step 1312, the CPU 121 determines whether the failed security command can be retried. If it can, retry setting is executed (1313) and step 1304 follows; retry setting means that the CPU 121 prepares again the security command to be retried and its related data. If it cannot be retried, step 1314 follows, which means that the security process requested by the host apparatus 220 has failed. In step 1314, the IC card control parameter D is checked. If D=1, the IC card chip 150 is inactivated (1315) and the security process ends (1316). If D≠1, the security process ends with the IC card chip 150 left in the active state (1316). In the flowchart of FIG. 13, step 1308 is placed immediately before step 1309 so that the clock frequency F2 can be changed according to the kind of security command issued in step 1309; step 1308 can, however, be placed elsewhere.
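The flowchart of FIG. 13 as controller firmware, written as an added example for this page (it is not code from the patent or from any product). The IC card chip 150 is replaced by a constructed mock that keeps only the state the flowchart branches on, the per-command decisions of steps 1304, 1306, 1308 and 1312 are supplied as fields of a constructed command record, and the function records the step numbers it visits so that a run can be compared against the sequence the description gives for FIG. 15. Every name and value below is an assumption of the example.

```c
#include <stddef.h>

#define MAX_TRACE 64

/* Mock of the IC card chip 150 as seen by the controller CPU 121.
 * Constructed for this example: a real chip is driven through the
 * VCC2/RST/CLK2/I/O terminals; here only the state the flowchart
 * depends on is kept. */
struct ic_chip {
    int      active;      /* 0 = inactive state, 1 = active state           */
    int      env_done;    /* environment setting done since the last reset  */
    unsigned f2_khz;      /* frequency F2 currently set on CLK2 (step 1308) */
    unsigned fail_left;   /* constructed: how many more commands will fail  */
};

/* One security command prepared by the CPU 121, with the decisions the
 * flowchart takes for it in steps 1304, 1306, 1308 and 1312 (assumed). */
struct sec_cmd {
    int      needs_reset;      /* warm-reset the chip before this command (1304) */
    int      needs_env;        /* perform environment setting first (1306)       */
    unsigned f2_khz;           /* CLK2 frequency to use for this command (1308)  */
    unsigned retries_allowed;  /* how often the command may be retried (1312)    */
};

/* Sequence of flowchart step numbers actually visited; compare with FIG. 15. */
struct trace { int steps[MAX_TRACE]; size_t n; };

static void log_step(struct trace *t, int step)
{
    if (t != NULL && t->n < MAX_TRACE) t->steps[t->n++] = step;
}

static void cold_reset(struct ic_chip *c) { c->active = 1; c->env_done = 0; } /* 1303 */
static void warm_reset(struct ic_chip *c) { c->env_done = 0; }                /* 1305 */

/* Step 1309 mock: the chip succeeds unless the scenario scripted a failure. */
static int issue_security_command(struct ic_chip *c)
{
    if (c->fail_left > 0) { c->fail_left--; return 0; }
    return 1;
}

/* Run the FIG. 13 security process over a prepared command list.
 * param_d is IC card control parameter D (1 = inactivate the chip at the end).
 * Returns 1 if every command succeeded, 0 if the process failed. */
int run_security_process(struct ic_chip *chip, const struct sec_cmd *cmds,
                         size_t ncmds, int param_d, struct trace *t)
{
    size_t   i = 0;
    unsigned retries_used = 0;
    int      ok = 1;
    int      via_cold_reset;

    if (chip == NULL || cmds == NULL || ncmds == 0) return 0;
    if (t != NULL) t->n = 0;

    log_step(t, 1301);                                /* start                  */
    log_step(t, 1302);                                /* chip inactive?         */
    via_cold_reset = !chip->active;
    if (via_cold_reset) { log_step(t, 1303); cold_reset(chip); }

    for (;;) {
        if (!via_cold_reset) {                        /* 1303 goes straight to 1306 */
            log_step(t, 1304);                        /* reset again needed?    */
            if (cmds[i].needs_reset) { log_step(t, 1305); warm_reset(chip); }
        }
        via_cold_reset = 0;

        log_step(t, 1306);                            /* environment setting?   */
        if (cmds[i].needs_env) { log_step(t, 1307); chip->env_done = 1; }

        log_step(t, 1308); chip->f2_khz = cmds[i].f2_khz;   /* set F2 on CLK2  */
        log_step(t, 1309);                            /* issue security command */
        {
            int success = issue_security_command(chip);
            log_step(t, 1310);                        /* judge IC card response */
            if (success) {
                log_step(t, 1311);                    /* all commands done?     */
                retries_used = 0;
                if (++i == ncmds) break;
            } else {
                log_step(t, 1312);                    /* retry possible?        */
                if (retries_used < cmds[i].retries_allowed) {
                    retries_used++;
                    log_step(t, 1313);                /* retry setting          */
                } else {
                    ok = 0;                           /* process failed         */
                    break;
                }
            }
        }
    }

    log_step(t, 1314);                                /* check parameter D      */
    if (param_d == 1) { log_step(t, 1315); chip->active = 0; }
    log_step(t, 1316);
    return ok;
}

/* Helper for checking a recorded trace against an expected step sequence. */
int trace_equals(const struct trace *t, const int *expected, size_t n)
{
    size_t k;
    if (t == NULL || t->n != n) return 0;
    for (k = 0; k < n; k++) if (t->steps[k] != expected[k]) return 0;
    return 1;
}
```

Running three commands (environment setting for the first, warm reset plus environment setting for the second, neither for the third) on an inactive chip with D=1 reproduces the step order listed for FIG. 15; a scripted failure exercises the 1312/1313 retry path.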

One factor that makes the conventional attacks on an IC card practicable is that the drive clocks of the IC card are supplied directly by an external connecting apparatus. Because the drive clocks are under the control of the connecting apparatus, the timing of the IC card's internal processing can easily be recovered from measurements of its electric signals in a timing analysis or an electric power difference analysis, and in a failure use analysis an arithmetic operation error can easily be induced by supplying abnormal drive clocks. According to the invention, when the security process is executed in the MMC 110 by the IC card chip 150, the host apparatus 220 cannot directly supply the drive clocks of the IC card chip 150. The CPU 121 can freely set the frequency F2 of the clocks supplied to the IC card chip 150, so the security process can flexibly match the processing performance required by the host apparatus 220: if the host apparatus 220 requests high-speed security processing, F2 is set to a high value, and if it requests low electric power consumption, F2 is set to a low value or the clocks are stopped as appropriate. The CPU 121 can freely set not only the frequency F2 but also the supply start timing and the supply stop timing of the clocks. By changing these at random, a timing analysis, an electric power difference analysis, or a failure use analysis against the IC card chip 150 can be made difficult. A timing analysis assumes that the attacker can accurately measure the processing time of a single cryptographic operation, so an effective countermeasure is to prevent the attacker from measuring that time accurately. The invention makes the timing analysis difficult because the host apparatus 220 cannot accurately measure how long the IC card chip 150 spends processing the IC card command. Against an electric power difference analysis, an effective countermeasure is to prevent information about the execution timing or order of the processes from being detected from the outside. The invention makes the electric power difference analysis difficult because it is hard for the host apparatus 220 to detect when the IC card command was issued, what its contents were, and in what order the IC card commands were issued (where the security process combines a plurality of IC card commands). Against a failure use analysis, an effective countermeasure is to install in the IC card an operating environment detecting circuit for the clocks, voltage, temperature, and the like, and to stop or disable the process when an abnormality is detected. The invention makes the failure use analysis difficult because the CLK2 control circuit 127 does not supply abnormal drive clocks to the IC card chip 150, so the host apparatus 220 is prevented from inducing an arithmetic operation error in the IC card chip 150.

The CPU 121 can change the set values of the frequency F2 of the clocks supplied to the IC card chip 150, the supply start timing, and the supply stop timing according to the contents or the result of the security process, or can change them using the reception of a memory card command from the host apparatus as a trigger. The CPU 121 can also write those set values into the flash memory chip 130, read them back from the flash memory chip 130, and use them as necessary. Those set values are shown as the CLK2 setting information 2113 in FIG. 21. Thus the set values are retained even after the MMC 110 has been inactivated, and the inconvenience of setting them anew each time the MMC 110 is activated is avoided.

FIG. 14 shows, in simplified form, the signal waveforms at the external terminals of the MMC 110 and the IC card chip 150, and the accesses by the CPU 121 to the flash memory chip 130, during the steps (710 to 712 in FIG. 7) executed between the time the host apparatus 220 issues the security processing request write command to the MMC 110 and the time the security process is executed in the IC card chip 150. In FIG. 14, time runs from left to right. The top row indicates the accesses to the flash memory chip 130. The signals observed at the VCC1 terminal 144, CMD terminal 142, CLK1 terminal 145, DAT terminal 147, VCC2 terminal 151, RST terminal 152, CLK2 terminal 153, and I/O terminal 157 are shown in the rows below, in that order. A horizontal broken line indicates the base (L level) of each signal. The procedure from the issue of the security processing request write command to the execution of the security process in the IC card chip 150 is as follows. First, the host apparatus 220 transmits the security processing request write command to the CMD terminal 142 (1401). It then receives a response to that command from the CMD terminal 142 (1402); this response only notifies the host apparatus 220 that the MMC 110 has received the command and is not the execution result of the security process. The host apparatus 220 then transmits the security processing request to the DAT terminal 147 (1403). The security processing request is host data containing the contents of the security process and the data to be processed. The MMC 110 then sets the DAT terminal 147 to the L level (1404), thereby notifying the host apparatus 220 that it is busy. Next, the CPU 121 issues the command for writing the security processing request received from the host apparatus 220 into the flash memory chip 130 (1405). Writing the security processing request into the flash memory chip 130 reduces the amount of work memory consumed in the CPU 121 during the step (711 in FIG. 7) in which the CPU 121 expresses the security processing request in the IC card command format; this is effective when the security processing request is large. The security processing request written into the flash memory chip 130 is stored in the security process buffer area 2114 in FIG. 21. The write command issuance 1405 is not indispensable. The write processing period 1406 is the period during which the flash memory chip 130 is writing the security processing request. The security process 1407 shows the signal waveforms of the security process by the IC card chip 150; these waveforms depend on the path taken through the flowchart of FIG. 13. The security process 1407 can overlap the write processing period 1406. Since the write processing period 1406 of the flash memory chip 130 is generally on the order of milliseconds, overlapping it with the security process 1407 effectively shortens the total processing time of the security process. The read/write 1408 denotes accesses in which the security processing request is read out from the flash memory chip 130, or the calculation result output by the IC card chip 150 is written into it, during the execution of the security process 1407. These accesses also reduce the work memory consumed in the CPU 121 and are effective when the security processing request or the security processing result is large. The read/write 1408 is not indispensable. After completion of the security process 1407, the MMC 110 sets the DAT terminal 147 to the H level (1409), thereby notifying the host apparatus 220 that the security process has been completed.

FIG. 15 shows an example of the signal waveforms of the security process 1407 in FIG. 14. In FIG. 15, time runs from left to right. The top row indicates the accesses to the flash memory chip 130. The signals observed at the VCC2 terminal 151, RST terminal 152, CLK2 terminal 153, and I/O terminal 157 are shown in the rows below, in that order. A horizontal broken line indicates the reference (L level) of each signal. Reference numeral 1501 denotes the signal waveforms of the cold reset shown in FIG. 3; 1504 those of the warm reset shown in FIG. 4; 1502 and 1505 those of the environment settings shown in FIG. 11 (or FIG. 12); 1503, 1506, and 1507 those of the IC card command process shown in FIG. 5; and 1508 the signal waveform of the inactivation shown in FIG. 6. The signal waveforms shown in FIG. 15 are observed at the external terminals of the IC card chip 150 when the flowchart of FIG. 13 proceeds in the order 1301, 1302, 1303, 1306, 1307, 1308, 1309, 1310, 1311, 1304, 1305, 1306, 1307, 1308, 1309, 1310, 1311, 1304, 1306, 1308, 1309, 1310, 1311, 1314, 1315, and 1316. The accesses (read/write 1408) to the flash memory chip 130 by the CPU 121 during the execution of the security process 1407 in FIG. 14 are described next with reference to FIG. 15; they use the security process buffer area 2114 in FIG. 21. Reads 1509, 1511, and 1512 read from the flash memory chip 130 the data needed to construct the IC card commands transmitted to the IC card chip 150 in the security command processes 1503, 1506, and 1507, respectively. Write 1510 writes the calculation result output by the IC card chip 150 in the security command process 1503 into the flash memory chip 130. Write 1513 writes into the flash memory chip 130, in one operation, the calculation results output by the IC card chip 150 in the security command processes 1506 and 1507. The reads 1509, 1511, and 1512 can overlap the accesses to the IC card chip 150 that precede the security command processes 1503, 1506, and 1507, respectively, and the writes 1510 and 1513 can overlap the accesses to the IC card chip 150 that follow the security command processes 1503 and 1507, respectively. This overlapping shortens the total processing time of the security process. Further, when the write unit of the flash memory chip 130 is large, a plurality of calculation results can be written at once, as in the write 1513, which reduces the number of writes to the flash memory chip 130 and slows its wear. The contents written into the flash memory chip 130 in the writes 1510 and 1513 are not limited to the calculation results output by the IC card chip 150; they can also be the security processing result returned to the host apparatus 220 in step 715 of FIG. 7, or a part of it. In that case, step 714 of FIG. 7, or a part of it, is executed within step 712.

FIG. 16 shows, in simplified form, the signal waveforms at the external terminals of the MMC 110 and the accesses to the flash memory chip 130 by the CPU 121 in the procedure (steps 713 to 715 in FIG. 7) from the time the host apparatus 220 issues the security processing result read command to the MMC 110 to the time the MMC 110 outputs the security processing result. In FIG. 16, time runs from left to right. The top row indicates the accesses to the flash memory chip 130. The signals observed at the VCC1 terminal 144, CMD terminal 142, CLK1 terminal 145, and DAT terminal 147 are shown in the rows below, in that order. A horizontal broken line indicates the base (L level) of each signal. The procedure is as follows. First, the host apparatus 220 transmits the security processing result read command to the CMD terminal 142 (1601). It then receives a response to that command from the CMD terminal 142 (1602); this response only notifies the host apparatus 220 that the MMC 110 has received the command and is not the security processing result. The MMC 110 then sets the DAT terminal 147 to the L level (1603), thereby notifying the host apparatus 220 that it is busy. Next, the CPU 121 reads the calculation result output by the IC card chip 150 from the security process buffer area (2114 in FIG. 21) in the flash memory chip 130 (1604). The CPU 121 constructs the security processing result from it, and the MMC 110 outputs the security processing result to the DAT terminal 147 (1605). If step 714 of FIG. 7, or a part of it, was executed within step 712, then the security processing result, or that part of it, is read from the security process buffer area (2114 in FIG. 21) in the flash memory chip 130 in step 1604. Step 1604 is unnecessary when the security processing result is constructed without using the security process buffer area (2114 in FIG. 21) in the flash memory chip 130.

FIG. 27 shows an example of the format of the security processing request data transmitted to the MMC 110 in step 710 of FIG. 7 and of the security processing result data received by the host apparatus 220 in step 715. This format is suitable when the requested security process can be expressed by one IC card command and its result by one IC card response. Both the IC card command transmitted to the IC card chip 150 and the IC card response received from it comply with the ISO/IEC 7816-4 standard. Under this standard, an IC card command consists of a mandatory 4-byte header (a class byte CLA, an instruction byte INS, and parameter bytes P1 and P2), followed as necessary by an input data length byte Lc, input data Data In, and an output data length byte Le. An IC card response consists of the mandatory 2-byte status SW1 and SW2, preceded as necessary by output data Data Out. In the security processing request data 2701 of this format, a format identifier FID 2703 and an IC card command length Lca 2704 are placed before the IC card command 2702, and dummy data 2705 is padded after it. The FID 2703 contains an identification number of the format or attribute data of the format. The value of Lca 2704 is the sum of the lengths of the component elements of the IC card command 2702. In the security processing result data 2711, a format identifier FID 2713 and an IC card response length Lra 2714 are placed before the IC card response 2712, and dummy data 2715 is padded after it. The FID 2713 contains an identification number of the format or attribute data of the format. The value of Lra 2714 is the sum of the lengths of the component elements of the IC card response 2712. The diagram shows the case in which Lc, Data In, and Le are present in the IC card command and Data Out is present in the IC card response. In the Multi Media Card specifications, data is normally read and written in fixed-length blocks, so it is preferable that the sizes of the security processing request data 2701 and the security processing result data 2711 be equal to the block size defined by the Multi Media Card specifications. The dummy data 2705 and 2715 pad the data 2701 and 2711 out to that block size. The block size is preferably set to the sector size (512 bytes) of the FAT file system used as the logical file system in typical small memory cards. The dummy data 2705 and 2715 can be all zeros or random numbers; a checksum used by the CPU 121 or the host apparatus 220 to detect and correct data errors can also be used. The CPU 121 uses the value of Lca 2704 to strip the dummy data 2705 from the security processing request data 2701, and the host apparatus 220 uses the value of Lra 2714 to strip the dummy data 2715 from the security processing result data 2711.
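An encoder and decoder for the FIG. 27 block format, written as an added example for this page rather than taken from the patent. The description fixes neither the width nor the byte order of FID, Lca and Lra, so the example assumes a 1-byte FID, 2-byte big-endian lengths and the 512-byte FAT sector size it recommends, with zero-filled dummy data; the FID values, the sample APDU and the sample response are constructed. The point a practitioner should take from it is that both the CPU 121 and the host apparatus 220 must validate the length field against the block before copying, since Lca and Lra arrive from the other side of the interface.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed layout (constructed for this example):
 *   byte 0      FID       format identifier, 1 byte
 *   bytes 1-2   Lca/Lra   length of the IC card command/response, big-endian
 *   bytes 3..   IC card command 2702 (request) or IC card response 2712 (result)
 *   remainder   dummy data 2705/2715, zero-filled up to the 512-byte block  */
#define BLOCK_SIZE   512                 /* FAT sector size used as the MMC block size */
#define HDR_LEN      3                   /* FID (1) + Lca or Lra (2)                   */
#define MAX_PAYLOAD  (BLOCK_SIZE - HDR_LEN)
#define FID_REQUEST  0x01                /* constructed identifier for data 2701       */
#define FID_RESULT   0x02                /* constructed identifier for data 2711       */

/* Host side: wrap one ISO/IEC 7816-4 command APDU into request block 2701.
 * Returns 0 on success, -1 if the APDU is shorter than the mandatory 4-byte
 * header (CLA INS P1 P2) or too long to fit beside the header. */
int build_security_request(const uint8_t *apdu, size_t apdu_len,
                           uint8_t block[BLOCK_SIZE])
{
    if (apdu == NULL || block == NULL) return -1;
    if (apdu_len < 4 || apdu_len > MAX_PAYLOAD) return -1;

    block[0] = FID_REQUEST;
    block[1] = (uint8_t)(apdu_len >> 8);                    /* Lca 2704, high byte */
    block[2] = (uint8_t)(apdu_len & 0xFFu);                 /* Lca 2704, low byte  */
    memcpy(block + HDR_LEN, apdu, apdu_len);                /* IC card command 2702 */
    memset(block + HDR_LEN + apdu_len, 0, MAX_PAYLOAD - apdu_len); /* dummy data 2705 */
    return 0;
}

/* Card side: the CPU 121 strips dummy data 2705 using Lca.  Returns the APDU
 * length and points *apdu at it, or 0 if the block is malformed (wrong FID,
 * Lca reaching outside the block, or shorter than a command header). */
size_t extract_security_request(const uint8_t block[BLOCK_SIZE],
                                const uint8_t **apdu)
{
    if (block == NULL || apdu == NULL || block[0] != FID_REQUEST) return 0;
    size_t lca = ((size_t)block[1] << 8) | block[2];
    if (lca < 4 || lca > MAX_PAYLOAD) return 0;              /* bounds check before use */
    *apdu = block + HDR_LEN;
    return lca;
}

/* Card side: wrap Data Out plus the SW1 SW2 status word into result block 2711. */
int build_security_result(const uint8_t *data_out, size_t data_out_len,
                          uint16_t sw, uint8_t block[BLOCK_SIZE])
{
    if (block == NULL || (data_out == NULL && data_out_len > 0)) return -1;
    size_t lra = data_out_len + 2;                           /* Data Out + SW1 + SW2 */
    if (lra > MAX_PAYLOAD) return -1;

    block[0] = FID_RESULT;
    block[1] = (uint8_t)(lra >> 8);                          /* Lra 2714, high byte */
    block[2] = (uint8_t)(lra & 0xFFu);                      /* Lra 2714, low byte  */
    if (data_out_len > 0) memcpy(block + HDR_LEN, data_out, data_out_len);
    block[HDR_LEN + data_out_len]     = (uint8_t)(sw >> 8);     /* SW1 */
    block[HDR_LEN + data_out_len + 1] = (uint8_t)(sw & 0xFFu);  /* SW2 */
    memset(block + HDR_LEN + lra, 0, MAX_PAYLOAD - lra);     /* dummy data 2715 */
    return 0;
}

/* Host side: strip dummy data 2715 using Lra and split the response into
 * Data Out and the status word.  Returns 0 on success, -1 if the block is
 * malformed or Data Out does not fit in the caller's buffer. */
int parse_security_result(const uint8_t block[BLOCK_SIZE],
                          uint8_t *data_out, size_t data_out_cap,
                          size_t *data_out_len, uint16_t *sw)
{
    if (block == NULL || data_out_len == NULL || sw == NULL) return -1;
    if (block[0] != FID_RESULT) return -1;
    size_t lra = ((size_t)block[1] << 8) | block[2];
    if (lra < 2 || lra > MAX_PAYLOAD) return -1;             /* SW1 SW2 are mandatory */

    size_t n = lra - 2;                                      /* Data Out length */
    if (n > data_out_cap) return -1;
    if (n > 0) memcpy(data_out, block + HDR_LEN, n);
    *data_out_len = n;
    *sw = (uint16_t)(((uint16_t)block[HDR_LEN + n] << 8) | block[HDR_LEN + n + 1]);
    return 0;
}
```

The two `build_` functions are what each side transmits on the DAT terminal; the two readers are what each side must apply before trusting the contents. A block whose length field claims more than the 509 payload bytes is rejected rather than read past the end.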

Before the MMC 110 is supplied to a user of the security system, or when a problem occurs in an MMC 110 that a user possesses, the manufacturer or administrator of the MMC 110 needs to write various initial data into the IC card chip 150 built into the MMC 110 or to test the IC card chip 150. To make these operations easier for the manufacturer or administrator, the MMC 110 has an interface function that allocates the external terminals of the IC card chip 150 to the MMC external terminals 140. The access signals to the IC card chip 150 shown in FIGS. 3 to 6 can thus be transmitted and received directly through the MMC external terminals 140. This operating mode of the MMC 110 is hereinafter called the interface direct mode, to distinguish it from the operating mode complying with the Multi Media Card specifications.

The interface direct mode is described in detail below. FIG. 17 shows an example of the correspondence when the external terminals of the IC card chip 150 are allocated to the MMC external terminals 140. In this example, the RST terminal 152 is allocated to the CS terminal 141, the GND2 terminal 155 to the GND1 terminals 143 and 146, the VCC2 terminal 151 to the VCC1 terminal 144, the CLK2 terminal 153 to the CLK1 terminal 145, and the I/O terminal 157 to the DAT terminal 147. In this mode, the CS terminal 141 and the CLK1 terminal 145 function as input terminals and the DAT terminal 147 functions as an input/output terminal.

When the MMC 110 receives a specific memory card command, it can switch its operating mode to the interface direct mode or return from the interface direct mode to the operating mode complying with the Multi Media Card specifications. The memory card command that switches to the interface direct mode is hereinafter called the direct command, and the memory card command that returns from the interface direct mode to the normal mode is called the return command. Referring to FIG. 1, the MMC I/F control circuit 123 is connected to the VCC2 control circuit 126, the CLK2 control circuit 127, and the IC card I/F control circuit 128. When the MMC 110 receives the direct command from the host apparatus 220, it performs the terminal allocation shown in FIG. 17 under the instruction of the CPU 121. When the MMC 110 receives the return command from the host apparatus 220, it cancels that terminal allocation under the instruction of the CPU 121, and the MMC 110 returns to the operating mode complying with the Multi Media Card specifications.

Since the host apparatus 220 can directly access the IC card chip 150 in the interface direct mode, for security the use of the interface direct mode must be restricted to a limited set of persons. Therefore, a password not known to general users must be transmitted when the direct command is issued; unless the correct password is entered, the interface direct mode cannot be used.

FIG. 18 is a flowchart of the processes from the time the host apparatus 220 switches the operating mode of the MMC 110 from the operating mode complying with the Multi Media Card specifications to the interface direct mode and directly accesses the IC card chip 150, to the time the host apparatus 220 returns the operating mode of the MMC 110 to the operating mode complying with the Multi Media Card specifications. The host apparatus 220 starts the process (1801) and first issues the direct command to the MMC 110 (1802). The MMC 110 checks whether the password transmitted with the direct command is correct (1803). If it is correct, step 1804 follows; if it is wrong, the processing routine ends (1810). In step 1804, the CPU 121 cold-resets the IC card chip 150. The terminal allocation shown in FIG. 17 is performed and the interface is set to the direct mode (1805). From this point, the host apparatus 220 directly accesses the IC card chip 150 (1806). When the host apparatus 220 has finished the direct access to the IC card chip 150 and is to return the operating mode of the MMC 110 to the operating mode complying with the Multi Media Card specifications, it issues the return command to the MMC 110 (1807). The CPU 121 then cancels the terminal allocation shown in FIG. 17 and the MMC 110 returns to the operating mode complying with the Multi Media Card specifications (1808). The CPU 121 inactivates the IC card chip 150 (1809), and the process ends (1810).

FIG. 19 shows, in simplified form, the signal waveforms at the external terminals of the MMC 110 and the IC card chip 150 in steps 1801 to 1806 of FIG. 18. In FIG. 19, time runs from left to right. The signals observed at the VCC1 terminal 144, CMD terminal 142, CLK1 terminal 145, DAT terminal 147, VCC2 terminal 151, RST terminal 152, CLK2 terminal 153, and I/O terminal 157 are shown from the top row downward, in that order. A horizontal broken line indicates the reference (L level) of each signal. Reference numeral 1905 denotes the signal waveforms of the cold reset in FIG. 3. The mode shift time 1906 is the time at which the operating mode is switched to the interface direct mode.

The procedure by which the host apparatus 220 switches the operating mode of the MMC 110 from the operating mode complying with the Multi Media Card specifications to the interface direct mode and directly accesses the IC card chip 150 is described with reference to FIG. 19. 3V (the standard voltage at the VCC2 terminal 151) is being supplied to the VCC1 terminal 144 of the MMC 110. When the host apparatus 220 inputs the direct command to the CMD terminal 142 (1901), a response to the direct command is output from the CMD terminal 142 (1902); this response notifies the host apparatus 220 that the MMC 110 has received the command. The host apparatus 220 then inputs the password to the DAT terminal 147 (1903). After the password has been input, the MMC 110 outputs an L-level signal on the DAT terminal 147 (1904), notifying the host apparatus 220 that it is busy. During the busy state, the CPU 121 cold-resets the IC card chip 150 (1905). At the mode shift time 1906, the operating mode is switched to the interface direct mode, and the DAT terminal 147 changes from the L level to the high-impedance state, from which the host apparatus 220 can tell that the busy state has been cancelled. From this point, the host apparatus 220 directly accesses the IC card chip 150: for example, when a clock is supplied to the CLK1 terminal 145 (1907), it is supplied to the CLK2 terminal 153 (1908), and when an IC card command is transmitted to the DAT terminal 147 (1909), it is transmitted to the I/O terminal 157 (1910).

FIG. 20 shows, in simplified form, the signal waveforms at the external terminals of the MMC 110 and the IC card chip 150 in steps 1807 to 1810 of FIG. 18. In FIG. 20, time runs from left to right. The signals observed at the VCC1 terminal 144, CMD terminal 142, CLK1 terminal 145, DAT terminal 147, VCC2 terminal 151, RST terminal 152, CLK2 terminal 153, and I/O terminal 157 are shown from the top row downward, in that order. A horizontal broken line indicates the base (L level) of each signal. The mode return time 2003 is the time at which the operating mode is returned from the interface direct mode to the operating mode complying with the Multi Media Card specifications. Reference numeral 2004 denotes the signal waveforms of the inactivation in FIG. 6.

The procedure by which the host apparatus 220 returns the operating mode of the MMC 110 from the interface direct mode to the operating mode complying with the Multi Media Card specifications is described with reference to FIG. 20. 3V (the standard voltage at the VCC2 terminal 151) is being supplied to the VCC1 terminal 144 of the MMC 110. When the host apparatus 220 inputs the return command to the CMD terminal 142 (2001), a response to the return command is output from the CMD terminal 142 (2002); this response notifies the host apparatus 220 that the MMC 110 has received the command. At the mode return time 2003, the MMC 110 outputs an L-level signal on the DAT terminal 147, notifying the host apparatus 220 that it is busy, and at the same time returns the operating mode to the operating mode complying with the Multi Media Card specifications. During the busy state, the CPU 121 inactivates the IC card chip 150 (2004). The MMC 110 then sets the DAT terminal 147 to the high-impedance state (2005), notifying the host apparatus 220 that processing of the return command has been completed. After this, the host apparatus 220 cannot directly access the IC card chip 150: if the host apparatus 220 transmits a memory card command to the CMD terminal 142 while supplying clocks to the CLK1 terminal 145, the clock signal (2006) is not transferred to the IC card chip 150. Although the clock signal supplied to the CLK1 terminal 145 by the host apparatus 220 during 2001 or 2002 is still transferred to the CLK2 terminal 153 of the IC card chip 150, the DAT terminal 147 is in the high-impedance state, so the IC card chip 150 does not erroneously recognize an IC card command.

In FIG. 21, information indicating the progress of the security process by the IC card chip 150 is stored in the security process state area 2116. The CPU 121 can update this information during the execution of the security process. For example, if the power supply to the MMC 110 is interrupted partway through the security process, the CPU 121 reads and refers to this information when the power supply is restored, so that the security process can be resumed from the stage at which it was interrupted.

According to the embodiment of the invention, since the drive clocks of the IC chip are not supplied directly from outside the memory card, the processing time of the IC chip cannot be measured accurately and the execution timing and order of its processes are difficult to detect. Further, abnormal drive clocks cannot be supplied, so an arithmetic operation error is difficult to induce. The security against attacks such as timing analysis, electric power difference analysis, and failure use analysis is therefore improved.

According to the embodiment of the invention, the control method of the IC chip can be freely set from outside the memory card. For example, if high-speed processing is required, a control method in which the frequency of the drive clocks of the IC chip is high can be set; if low electric power consumption is required, a control method in which the frequency of the drive clocks is low, or in which the drive clocks are stopped as appropriate, can be set. The security process can therefore flexibly match the processing performance required by the security system.

According to the invention, the data necessary for the security process by the IC chip and the information for managing the IC chip can be held in the flash memory. Thus, the usability of the security process can be improved.

According to the embodiment of the invention, the manufacturer or the administrator of the MMC can directly access the IC chip in the MMC. Therefore, the initialization and maintenance of the IC chip in the MMC can be carried out by a method similar to that used for a conventional IC card.

According to the embodiment of the invention, when the security function is added to an MMC having a flash memory chip by additionally installing an IC card chip that has already been authenticated by the Security Authentication Facilities, authentication by the Security Authentication Facilities is unnecessary, so that the development period or manufacturing period of the MMC is shortened.

INDUSTRIAL APPLICABILITY

According to the invention, the security of the storage apparatus is improved.

According to the invention, the manufacturing of the storage apparatus is simplified.

Although the above disclosure has been made with respect to the embodiment, it will be obvious to those of ordinary skill in the art that many variations and modifications are possible within the purview of the spirit and Claims of the present invention.

1. A storage apparatus for storing data comprising: a memory which canstore said data; a processing apparatus which can store said data and isoperable to execute security processing of said data; and a controllerfor controlling said memory and said processing apparatus, based oncommands from an external host apparatus, wherein said controller isadapted to determine either a mode for bypassing said memory andtransmitting said data to said processing apparatus or a mode for oncestoring said data into said memory and, thereafter, transmitting saiddata to said processing apparatus in accordance with a size of datawhich was write-requested from said host apparatus.
 2. A storage apparatus according to claim 1, wherein: when the size of the data which was write-requested from said host apparatus is equal to or larger than an allowable data size of the data which can be received by said processing apparatus, said controller is adapted to once store said data into said memory and, thereafter, to transmit said data to said processing apparatus.
 3. A storage apparatus according to claim 1, wherein: when the size of the data which was write-requested from said host apparatus is equal to or smaller than an allowable data size of the data which can be received by said processing apparatus, said controller is adapted to bypass said memory and transmit said data to said processing apparatus.
 4. A storage apparatus for storing data comprising: a memory which can store data; a processing apparatus which can store said data and is operable to execute security processing of said data; and a controller for controlling said memory and said processing apparatus, based on commands from an external host apparatus, wherein said memory, said processing apparatus and said controller are discrete chips, wherein said controller generates a drive clock for driving said processing apparatus, with said drive clock being independent of clocks from said host apparatus, wherein said memory is a non-volatile semiconductor memory, wherein said processing apparatus is an IC chip including a CPU, a ROM, a RAM, and an EEPROM, wherein said controller includes a CPU and an interface control circuit, wherein said memory has: a first storing area which can be accessed from said host apparatus; and a second area in which the access from said host apparatus is limited and which is adapted to be used for storing the data that is used by said processing apparatus in accordance with a request from at least one of said controller and said processing apparatus, and wherein: the data which is used by said processing apparatus includes at least one of parameters for controlling said processing, information for environment setting of said processing apparatus, information for setting clocks for controlling said processing apparatus, and a status for allowing said processing apparatus to execute the security process.
 5. A storage apparatus comprising: a memory which can store data; a processing apparatus which can store said data and is operable to execute security processing of said data; and a controller for controlling said memory and said processing apparatus, based on commands from an external host apparatus, wherein said controller is adapted to generate drive clocks for driving said processing apparatus and electric power for driving said processing apparatus, wherein: in a case of stopping said processing apparatus, said controller stops the supply of said drive clock to said processing apparatus, sets said reset signal to a low-level state, sets said data input/output terminal to the pulled-up state, and sets the reset signal to the high level, while maintaining the supply of said electric power to said processing apparatus.
 6. A storage apparatus for storing data comprising: a memory which can store data; a processing apparatus which can store said data and is operable to execute security processing of said data; and a controller for controlling said memory and said processing apparatus, based on processing requests from an external host apparatus which issues high speed requests and low speed requests, wherein said controller generates drive clocks for driving said processing apparatus, and wherein said controller is adapted to set a first frequency for said drive clocks in a case where the processing request from said host apparatus is a high speed request and to set a second frequency for said drive clocks in a case where the processing request from said host apparatus is a low speed request, wherein the first frequency is higher than the second frequency.
 7. A storage apparatus comprising: a memory which can store data from an external host apparatus; and a controller for controlling an access to said memory in accordance with a request from said host apparatus, wherein: said storage apparatus has a processing apparatus for processing the data from said host apparatus and storing said data; when a power supply to said processing apparatus is stopped, said controller instructs to start the power supply to said processing apparatus, thereafter, instructs to start a supply of drive clocks for driving said processing apparatus to said processing apparatus, thereafter, sets a data input/output terminal of said processing apparatus to a pulled-up state, and thereafter, sets a reset signal which is supplied to said processing apparatus to a high-level state; and when the power source is supplied to said processing apparatus, said controller stops the supply of said drive clocks to said processing apparatus, sets said reset signal to a low-level state, sets said data input/output terminal to the pulled-up state, and sets the reset signal to the high level.
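The activation and stop sequences of claims 5 and 7 are, from a security standpoint, the point where the controller rather than the host owns the IC chip's power, clock and reset lines, so the host cannot glitch or resequence them. The following C model is an added illustration, not code from the patent or from any product: it drives a simulated set of lines through exactly the claimed orderings (power, then clock, then I/O pull-up, then reset high; and for a stop, clock off, reset low, I/O pull-up, reset high with power maintained) and then replays the recorded trace through a checker that rejects any ordering the claims do not allow. The names (IcCardLines, ic_activate, ic_stop, trace_is_valid) and the event abstraction are assumptions for this example.

```c
/* Added example: controller-side sequencing model for the IC card chip
 * lines described in claims 5 and 7. Hypothetical names throughout;
 * this is not the patent's implementation. */
#include <stdio.h>

typedef enum {
    EV_POWER_ON, EV_CLOCK_ON, EV_IO_PULLUP, EV_RESET_HIGH,
    EV_CLOCK_OFF, EV_RESET_LOW
} Event;

#define MAX_EVENTS 16

typedef struct {
    int power, clock, io_pullup, reset;   /* line states, 1 = on / high */
    Event trace[MAX_EVENTS];              /* recorded order of line changes */
    int n;
} IcCardLines;

static void emit(IcCardLines *c, Event e) {
    if (c->n < MAX_EVENTS) c->trace[c->n++] = e;
}

/* Claim 7 activation: power -> drive clock -> I/O pull-up -> reset high. */
void ic_activate(IcCardLines *c) {
    c->power = 1;     emit(c, EV_POWER_ON);
    c->clock = 1;     emit(c, EV_CLOCK_ON);
    c->io_pullup = 1; emit(c, EV_IO_PULLUP);
    c->reset = 1;     emit(c, EV_RESET_HIGH);
}

/* Claims 5 and 7 stop: clock off -> reset low -> I/O pull-up -> reset high,
 * while power to the chip is kept on. */
void ic_stop(IcCardLines *c) {
    c->clock = 0;     emit(c, EV_CLOCK_OFF);
    c->reset = 0;     emit(c, EV_RESET_LOW);
    c->io_pullup = 1; emit(c, EV_IO_PULLUP);
    c->reset = 1;     emit(c, EV_RESET_HIGH);
}

/* Replay a trace and enforce the ordering constraints implied by the
 * claimed sequences. Returns 1 if every step was permitted, else 0. */
int trace_is_valid(const Event *trace, int n) {
    int power = 0, clock = 0, io_pullup = 0, reset = 0;
    for (int i = 0; i < n; i++) {
        switch (trace[i]) {
        case EV_POWER_ON:   power = 1; break;
        case EV_CLOCK_ON:   /* clock only after power, and only while in reset */
                            if (!power || reset) return 0;
                            clock = 1; break;
        case EV_IO_PULLUP:  if (!power) return 0;
                            io_pullup = 1; break;
        case EV_RESET_HIGH: /* reset released only with power and I/O pulled up */
                            if (!power || !io_pullup) return 0;
                            reset = 1; break;
        case EV_CLOCK_OFF:  clock = 0; break;
        case EV_RESET_LOW:  /* the stop sequence removes the clock first */
                            if (clock) return 0;
                            reset = 0; break;
        }
    }
    return 1;
}

/* Named checks so the behaviour can be asserted on, not just printed. */
int activation_trace_ok(void) {
    IcCardLines c = {0};
    ic_activate(&c);
    return c.n == 4 && trace_is_valid(c.trace, c.n);
}

int stop_keeps_power(void) {
    IcCardLines c = {0};
    ic_activate(&c);
    ic_stop(&c);
    return c.power == 1 && c.clock == 0 && c.reset == 1 &&
           trace_is_valid(c.trace, c.n);
}

/* Constructed bad orderings: clock before power, and reset released
 * before the I/O terminal is pulled up. Both must be rejected. */
int bad_orderings_rejected(void) {
    Event clock_first[] = { EV_CLOCK_ON, EV_POWER_ON, EV_IO_PULLUP, EV_RESET_HIGH };
    Event reset_early[] = { EV_POWER_ON, EV_CLOCK_ON, EV_RESET_HIGH, EV_IO_PULLUP };
    return !trace_is_valid(clock_first, 4) && !trace_is_valid(reset_early, 4);
}

int main(void) {
    static const char *names[] = { "POWER_ON", "CLOCK_ON", "IO_PULLUP",
                                   "RESET_HIGH", "CLOCK_OFF", "RESET_LOW" };
    IcCardLines c = {0};
    ic_activate(&c);
    ic_stop(&c);
    for (int i = 0; i < c.n; i++) printf("%s\n", names[c.trace[i]]);
    printf("valid=%d\n", trace_is_valid(c.trace, c.n));
    return 0;
}
```

The checker is the part worth keeping: in real controller firmware the host never gets an entry point that touches a single line, only `ic_activate` and `ic_stop`, and a trace validator like this one is a cheap way to unit-test that no code path (error handling, low-power transitions) can ever reach the chip with a clock but no power or a released reset before the I/O terminal is in the pulled-up state.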
